Build OF Quarkus

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-31	CVE-2022-1259	Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. network low complexity redhat netapp CWE-400	7.5
2022-08-26	CVE-2021-3669	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux ibm debian fedoraproject redhat CWE-770	5.5
2022-08-24	CVE-2021-4178	Deserialization of Untrusted Data vulnerability in Redhat products A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. local low complexity redhat CWE-502	6.7
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-04	CVE-2021-3744	Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). local low complexity linux fedoraproject debian redhat oracle CWE-401	5.5
2022-03-03	CVE-2021-3609	Race Condition vulnerability in multiple products .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. local high complexity linux redhat netapp CWE-362	7.0
2021-08-05	CVE-2021-3642	Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. network redhat quarkus CWE-203	3.5
2021-05-20	CVE-2021-3536	Cross-site Scripting vulnerability in Redhat products A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. network redhat CWE-79	3.5
2021-03-16	CVE-2021-20218	Path Traversal vulnerability in Redhat products A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. network redhat CWE-22	5.8
2020-07-06	CVE-2019-14900	SQL Injection vulnerability in multiple products A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. network low complexity hibernate redhat quarkus CWE-89	6.5