📦 Build Of Quarkus

CVE-2023-6394 is an authentication bypass vulnerability in Quarkus where GraphQL operations over WebSocket connections are processed without proper role-based permission checks, even when endpoints ar...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

This vulnerability in Quarkus allows attackers to bypass HTTP security policies by using specially crafted character permutations in requests. Affected systems could experience unauthorized access to ...

CVE-2023-1108 is a denial-of-service vulnerability in Undertow's SSL/TLS implementation where an infinite loop in the handshake process can crash the server. This affects any system running vulnerable...

CVE-2022-4492 is a server certificate validation bypass vulnerability in Undertow HTTP client. It allows attackers to perform man-in-the-middle attacks by presenting invalid certificates that should b...

A use-after-free vulnerability in the Linux kernel's FUSE filesystem allows a local attacker to trigger write() operations that can lead to unauthorized data access and privilege escalation. This affe...

CVE-2021-3609 is a race condition vulnerability in the Linux kernel's CAN BCM networking protocol that allows local attackers to corrupt memory and potentially escalate privileges to root. This affect...

This vulnerability in fabric8 kubernetes-client allows malicious pods/containers to exploit the copy command to extract files outside the intended working directory path. Applications using the vulner...