Описание
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information.
EPSS
Процентиль: 28%
0.00101
Низкий
8.3 High
CVSS3
Дефекты
CWE-488
Связанные уязвимости
CVSS3: 8.3
redhat
11 месяцев назад
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information.
CVSS3: 8.3
github
11 месяцев назад
Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance
EPSS
Процентиль: 28%
0.00101
Низкий
8.3 High
CVSS3
Дефекты
CWE-488