VYPR

Maven package

io.quarkus/quarkus-rest

pkg:maven/io.quarkus/quarkus-rest

Vulnerabilities (2)

  • CVE-2025-66560Jan 7, 2026
    affected < 3.20.5fixed 3.20.5

    Quarkus is a Cloud Native, (Linux) Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits f

  • CVE-2025-1247HigFeb 13, 2025
    affected >= 3.16.0.CR1, < 3.18.2fixed 3.18.2

    A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information.