We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security.
Reserved 2023-11-23 | Published 2024-01-25 | Updated 2025-06-17 | Assigner redhatImproper Handling of Exceptional Conditions
2023-11-23: | Reported to Red Hat. |
2024-01-24: | Made public. |
access.redhat.com/errata/RHSA-2024:0494 (RHSA-2024:0494)
access.redhat.com/errata/RHSA-2024:0495 (RHSA-2024:0495)
access.redhat.com/security/cve/CVE-2023-6267
bugzilla.redhat.com/show_bug.cgi?id=2251155 (RHBZ#2251155)
Support options