Maven package
io.quarkus/quarkus-smallrye-graphql-client
pkg:maven/io.quarkus/quarkus-smallrye-graphql-client
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-6394 | — | >= 2.14.0, < 3.5.3 | 3.5.3 | Dec 9, 2023 | A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access i |
- CVE-2023-6394Dec 9, 2023affected >= 2.14.0, < 3.5.3fixed 3.5.3
A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access i