Vulnerabilities > Quarkus

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-06	CVE-2022-4147	Unspecified vulnerability in Quarkus Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. network high complexity quarkus	7.5
2022-11-22	CVE-2022-4116	Code Injection vulnerability in multiple products A vulnerability was found in quarkus. network low complexity redhat quarkus CWE-94 critical	9.8
2022-10-02	CVE-2022-42003	Deserialization of Untrusted Data vulnerability in multiple products In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. network low complexity fasterxml quarkus debian netapp CWE-502	7.5
2022-10-02	CVE-2022-42004	Deserialization of Untrusted Data vulnerability in multiple products In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. network low complexity fasterxml quarkus debian netapp CWE-502	7.5
2022-03-23	CVE-2022-0981	Incorrect Authorization vulnerability in Quarkus A flaw was found in Quarkus. network low complexity quarkus CWE-863	6.5
2022-02-02	CVE-2022-21724	Improper Initialization vulnerability in multiple products pgjdbc is the offical PostgreSQL JDBC Driver. network low complexity postgresql fedoraproject quarkus debian CWE-665 critical	9.8
2022-01-19	CVE-2022-21363	Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). network oracle quarkus	6.0
2021-12-09	CVE-2021-43797	HTTP Request Smuggling vulnerability in multiple products Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. network low complexity netty quarkus netapp oracle CWE-444	6.5
2021-10-20	CVE-2021-2471	Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). network oracle quarkus	7.9
2021-10-19	CVE-2021-37136	Resource Exhaustion vulnerability in multiple products The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). network low complexity netty quarkus oracle netapp CWE-400	7.5

Vulnerabilities > Quarkus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Quarkus"}]}

Vulnerabilities > Quarkus