CVE-2025-1247

Name of the Vulnerable Software and Affected Versions: Quarkus REST (affected versions not specified)

Description: A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This issue enables attackers to manipulate request data, impersonate users, or access sensitive information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.