Vulnerabilities > Redhat > Build OF Quarkus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
| 2023-09-20 | CVE-2023-4853 | Incorrect Authorization vulnerability in multiple products A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. | 8.1 |
| 2023-09-14 | CVE-2023-1108 | Infinite Loop vulnerability in multiple products A flaw was found in undertow. | 7.5 |
| 2023-07-04 | CVE-2023-2974 | Unspecified vulnerability in Redhat Build of Quarkus A vulnerability was found in quarkus-core. | 8.1 |
| 2023-02-23 | CVE-2022-4492 | Unspecified vulnerability in Redhat products The undertow client is not checking the server identity presented by the server certificate in https connections. | 7.5 |
| 2022-08-31 | CVE-2022-1259 | Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
| 2022-03-18 | CVE-2022-1011 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). | 7.8 |
| 2022-03-03 | CVE-2021-3609 | Race Condition vulnerability in multiple products .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. | 7.0 |