Vulnerabilities > Redhat > Build OF Quarkus > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-09-20 CVE-2023-4853 Incorrect Authorization vulnerability in multiple products
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions.
network
high complexity
quarkus redhat CWE-863
8.1
2023-09-14 CVE-2023-1108 Infinite Loop vulnerability in multiple products
A flaw was found in undertow.
network
low complexity
redhat netapp CWE-835
7.5
2023-07-04 CVE-2023-2974 Unspecified vulnerability in Redhat Build of Quarkus
A vulnerability was found in quarkus-core.
network
low complexity
redhat
8.1
2023-02-23 CVE-2022-4492 Unspecified vulnerability in Redhat products
The undertow client is not checking the server identity presented by the server certificate in https connections.
network
low complexity
redhat
7.5
2022-08-31 CVE-2022-1259 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-03-18 CVE-2022-1011 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write().
7.8
2022-03-03 CVE-2021-3609 .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges.
local
high complexity
linux redhat netapp
7.0
2021-03-16 CVE-2021-20218 Unspecified vulnerability in Redhat products
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after.
network
high complexity
redhat
7.4