A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.
See CWE-148, the Quarkus vendor hub and the Quarkus product page for the weakness, vendor, and product context surrounding CVE-2023-4853.
Compare it with CVE-2022-4116, CVE-2024-12225 and CVE-2023-6267 for nearby disclosures in the same product family.