{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T16:16:31.944","vulnerabilities":[{"cve":{"id":"CVE-2025-1247","sourceIdentifier":"secalert@redhat.com","published":"2025-02-13T14:16:18.400","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information."},{"lang":"es","value":"Se encontró una falla en Quarkus REST que permite que los parámetros de solicitud se filtren entre solicitudes concurrentes si los endpoints usan la inyección de campos sin un alcance CDI. Esta vulnerabilidad permite a los atacantes manipular los datos de la solicitud, hacerse pasar por usuarios o acceder a información confidencial."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-488"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:1884","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1885","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2067","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-1247","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345172","source":"secalert@redhat.com"},{"url":"https://github.com/quarkusio/quarkus/issues/45789","source":"secalert@redhat.com"}]}}]}