PT-2024-5140 · Quarkus · Quarkus

Michal Vavřík

+1

Published 2024-02-20 · Updated 2024-04-25 · CVE-2024-1726

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: Quarkus (affected versions not specified on this page)
Description: The issue is a flaw in the RESTEasy Reactive implementation in Quarkus. For some JAX-RS endpoints, the security check is performed only after the request has already been serialized, so the server spends processing resources on a request before it decides whether the caller is allowed to make it. An attacker who knows the request paths of such endpoints can identify the vulnerable ones and send requests that trigger excessive resource usage, resulting in a denial of service. Consistent with the CVSS vector, the attack is network-reachable, needs no privileges or user interaction, and affects availability only (A:L), not confidentiality or integrity. The estimated number of potentially affected systems and details about real-world incidents are not provided.
Recommendations: At the time of writing, this page carries no information about a newer version that contains a fix for this vulnerability. The GitHub advisory listed under Related Identifiers is the authoritative place to check for affected and patched version ranges before deciding on an upgrade.
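To make the mechanism concrete, below is an added example written for this page; it is not code from the advisory or from the Quarkus project, and every class, path and role name in it is hypothetical. It shows a JAX-RS resource in the shape the description refers to (a method-level @RolesAllowed check on an endpoint that takes a JSON body) and, in the trailing comment, a defence-in-depth configuration that enforces authorization at the HTTP layer, before the request is routed to RESTEasy Reactive at all. The configuration is a generic hardening pattern assumed here to reject anonymous requests before body processing; it is not the upstream fix and does not replace updating to a patched release.

```java
// Added example (not from the advisory or the Quarkus project). All names are hypothetical.
package org.example.advisory;

import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import java.util.List;

@Path("/orders")
public class OrderResource {

    // Hypothetical request body. An unauthenticated client can send an arbitrarily
    // large or deeply nested JSON document to this endpoint. If the framework turns
    // that document into an OrderRequest before the @RolesAllowed check rejects the
    // caller, the attacker spends server CPU and memory without ever presenting
    // credentials, which is the resource-consumption pattern the advisory describes.
    public static class OrderRequest {
        public String customerId;
        public List<String> items;
    }

    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @RolesAllowed("user")
    public Response create(OrderRequest body) {
        // Business logic omitted; this method body is only reached for callers
        // that passed the security check.
        return Response.accepted().build();
    }
}

// Defence-in-depth configuration (constructed example, goes in application.properties).
// Quarkus evaluates quarkus.http.auth.permission.* rules in the HTTP layer, before
// the request reaches the JAX-RS resource, so an anonymous POST to /orders is
// answered with 401 without the body being deserialized into OrderRequest.
//
//   quarkus.http.auth.permission.orders.paths=/orders/*
//   quarkus.http.auth.permission.orders.policy=authenticated
//
// Keep the @RolesAllowed annotation as well: the HTTP rule only establishes that the
// caller is authenticated; the role check still decides what the caller may do.
```

To verify the configuration behaves as intended, send an unauthenticated POST with a large JSON body to a protected path and confirm the response is a 401 that returns quickly and without a spike in CPU or heap on the server; the path pattern must cover every endpoint that takes a request body, because an endpoint outside the pattern falls back to the annotation-only check.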

Weakness Enumeration

Improper Preservation of Permissions

Related Identifiers

BDU:2024-05687
CVE-2024-1726
GHSA-MV64-86G8-CQQ7

Affected Products

Quarkus