Maven package
io.quarkus/quarkus-rest-deployment
pkg:maven/io.quarkus/quarkus-rest-deployment
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-1247 | Hig | 8.3 | >= 3.16.0.CR1, < 3.18.2 | 3.18.2 | Feb 13, 2025 | A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information. |
- affected >= 3.16.0.CR1, < 3.18.2fixed 3.18.2
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information.