{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T15:25:51.805","vulnerabilities":[{"cve":{"id":"CVE-2023-5675","sourceIdentifier":"secalert@redhat.com","published":"2024-04-25T16:15:08.570","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either 'quarkus.security.jaxrs.deny-unannotated-endpoints' or 'quarkus.security.jaxrs.default-roles-allowed' properties."},{"lang":"es","value":"Se encontró un defecto en Quarkus. Cuando un endpoint Quarkus RestEasy Classic o Reactive JAX-RS tiene sus métodos declarados en la clase Java abstracta o personalizados mediante extensiones de Quarkus utilizando el procesador de anotaciones, la autorización de estos métodos no se aplicará si está habilitada por 'quarkus.security.jaxrs.deny-unannotated-endpoints' o 'quarkus.security.jaxrs.default-roles-allowed'."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:0494","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:0495","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2023-5675","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:0494","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:0495","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/security/cve/CVE-2023-5675","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245197","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}