Known Vulnerabilities for Quarkus by Quarkus

Listed below are 10 of the newest known vulnerabilities associated with "Quarkus" by "Quarkus".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-0481 In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which ... Not Provided 2023-02-24 2023-02-24
CVE-2023-0044 If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated whic... Not Provided 2023-02-23 2023-02-23
CVE-2022-21724 pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doin... 9.8 - CRITICAL 2022-02-02 2022-11-09
CVE-2022-21363 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected ... 6.6 - MEDIUM 2022-01-19 2022-05-27
CVE-2022-4147 Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with... 6.6 - MEDIUM 2022-12-06 2023-02-12
CVE-2022-4116 A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by loca... 6.6 - MEDIUM 2022-11-22 2023-02-12
CVE-2021-26291 Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising... 9.1 - CRITICAL 2021-04-23 2022-07-25
CVE-2021-21409 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... 5.9 - MEDIUM 2021-03-30 2022-05-12
CVE-2021-21295 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... 5.9 - MEDIUM 2021-03-09 2022-05-12
CVE-2021-21290 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... 5.5 - MEDIUM 2021-02-08 2022-05-12

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language

Popular searches for Quarkus

Quarkus - Start coding with

Quarkus - Start coding with Group Artifact Build Tool Version Example code Configure more options Extensions. Info alert:This page will help you bootstrap your Quarkus Extensions configure, boot and integrate a framework or technology into your Quarkus W U S application. The flag means the extension helps you get started with example code. Application software Plug-in (computing) Representational state transfer Source code Reactive programming Client (computing) Amazon Web Services Software framework Booting Computer programming Hibernate (framework) JSON Database Java Database Connectivity Configure script Add-on (Mozilla) Hypertext Transfer Protocol Technology Browser extension Serialization

Quarkus - Supersonic Subatomic Java

Quarkus - Supersonic Subatomic Java Quarkus : Supersonic Subatomic Java

Java (programming language) Application software Library (computing) Imperative programming HotSpot GraalVM Kubernetes Booting Reactive programming GitHub OpenJDK Computing platform RSS Source code Instant-on Memory management Scalability Compile time Computer memory Collection (abstract data type)

© 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license. and Source URL Uptime Status