High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-20	CVE-2023-4853	Incorrect Authorization vulnerability in multiple products A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. network high complexity quarkus redhat CWE-863	8.1
2022-08-10	CVE-2022-2458	XXE vulnerability in Redhat Process Automation Manager 7.5.1 XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. network low complexity redhat CWE-611	8.2