Known Vulnerabilities for Quarkus by Quarkus

Listed below are 10 of the newest known vulnerabilities associated with "Quarkus" by "Quarkus".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-0481 In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which ... Not Provided 2023-02-24 2023-02-24
CVE-2023-0044 If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated whic... Not Provided 2023-02-23 2023-02-23
CVE-2022-21724 pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doin... 9.8 - CRITICAL 2022-02-02 2022-11-09
CVE-2022-21363 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected ... 6.6 - MEDIUM 2022-01-19 2022-05-27
CVE-2022-4147 Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with... 6.6 - MEDIUM 2022-12-06 2023-02-12
CVE-2022-4116 A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by loca... 6.6 - MEDIUM 2022-11-22 2023-02-12
CVE-2021-26291 Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising... 9.1 - CRITICAL 2021-04-23 2022-07-25
CVE-2021-21409 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... 5.9 - MEDIUM 2021-03-30 2022-05-12
CVE-2021-21295 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... 5.9 - MEDIUM 2021-03-09 2022-05-12
CVE-2021-21290 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... 5.5 - MEDIUM 2021-02-08 2022-05-12
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationQuarkusQuarkus1.9.2AllAllAll
ApplicationQuarkusQuarkus1.9.1AllAllAll
ApplicationQuarkusQuarkus1.9.0-AllAll
ApplicationQuarkusQuarkus1.9.0candidate_release1AllAll
ApplicationQuarkusQuarkus1.9.0cr1AllAll
ApplicationQuarkusQuarkus1.8.3AllAllAll
ApplicationQuarkusQuarkus1.8.2AllAllAll
ApplicationQuarkusQuarkus1.8.1AllAllAll
ApplicationQuarkusQuarkus1.8.0-AllAll
ApplicationQuarkusQuarkus1.8.0candidate_release1AllAll
ApplicationQuarkusQuarkus1.8.0cr1AllAll
ApplicationQuarkusQuarkus1.7.6AllAllAll
ApplicationQuarkusQuarkus1.7.5AllAllAll
ApplicationQuarkusQuarkus1.7.4AllAllAll
ApplicationQuarkusQuarkus1.7.3AllAllAll
ApplicationQuarkusQuarkus1.7.2AllAllAll
ApplicationQuarkusQuarkus1.7.1AllAllAll
ApplicationQuarkusQuarkus1.7.0-AllAll
ApplicationQuarkusQuarkus1.7.0candidate_release1AllAll
ApplicationQuarkusQuarkus1.7.0candidate_release2AllAll
Results limited to 20 most recent known configurations

Popular searches for Quarkus

Quarkus - Start coding with code.quarkus.io

code.quarkus.io

Quarkus - Start coding with code.quarkus.io Group Artifact Build Tool Version Example code Configure more options Extensions. Info alert:This page will help you bootstrap your Quarkus Extensions configure, boot and integrate a framework or technology into your Quarkus W U S application. The flag means the extension helps you get started with example code.

quarkus.io/extensions Application software Plug-in (computing) Representational state transfer Source code Reactive programming Client (computing) Amazon Web Services Software framework Booting Computer programming Hibernate (framework) JSON Database Java Database Connectivity Configure script Add-on (Mozilla) Hypertext Transfer Protocol Technology Browser extension Serialization

Quarkus - Supersonic Subatomic Java

quarkus.io

Quarkus - Supersonic Subatomic Java Quarkus : Supersonic Subatomic Java

Java (programming language) Application software Library (computing) Imperative programming HotSpot GraalVM Kubernetes Booting Reactive programming GitHub OpenJDK Computing platform RSS Source code Instant-on Memory management Scalability Compile time Computer memory Collection (abstract data type)

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report