📦 Quarkus
by Quarkus
🔍 What is Quarkus?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability in Quarkus's WebAuthn module allows attackers to bypass authentication by accessing default REST endpoints that remain active even when custom endpoints are configured. Attackers ca...
Apache Maven follows repository references defined in dependency POM files, allowing malicious actors to redirect builds to compromised repositories. This affects Maven users who build projects with d...
CVE-2023-6394 is an authentication bypass vulnerability in Quarkus where GraphQL operations over WebSocket connections are processed without proper role-based permission checks, even when endpoints ar...
This vulnerability in Quarkus allows attackers to access sensitive build system information that remains in artifacts created with the Gradle plugin. The flaw occurs due to improper sanitization of bu...
This vulnerability in Quarkus allows attackers to bypass HTTP security policies by using specially crafted character permutations in requests. Affected systems could experience unauthorized access to ...
CVE-2022-0981 is an authorization bypass vulnerability in Quarkus's RestEasy Reactive component where user state and permissions can leak between web requests. This allows authenticated low-privileged...
CVE-2021-37136 is a denial-of-service vulnerability in Netty's Bzip2Decoder that allows attackers to trigger out-of-memory errors by sending specially crafted Bzip2 compressed data. The vulnerability ...
This vulnerability allows local privilege escalation on Unix-like systems by exploiting insecure permissions in the system temporary directory. Attackers can delete and recreate files during Gradle bu...
A thread exhaustion vulnerability in Quarkus REST HTTP layer causes worker threads to become permanently blocked when client connections drop during response transmission. This affects Quarkus applica...
This vulnerability in Google Guava's createTempDir() method creates temporary directories with world-readable permissions on Unix-like systems, allowing any user on the same machine to potentially rea...