Lucene search
China National Vulnerability DatabaseCNVD-2022-86318HistoryNov 24, 2022 - 12:00 a.m.
Quarkus has an unspecified vulnerability
2022-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Quarkus is a cloud-native (Linux) container-first framework for writing Java applications. security vulnerabilities exist in versions of Quarkus prior to 2.13.5, 2.14.0 and later, and prior to 2.14.2. An attacker could exploit the vulnerability to remotely execute code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| quarkus quarkus | lt | 2.13.5 | |
| quarkus quarkus >=2.14.0, | lt | 2.14.2 |
Related
osv
osv
CVE-2022-4116
2022-11-22 19:15:18
Code injection in quarkus dev ui config editor
2022-11-22 21:30:17
cve
cve
CVE-2022-4116
2022-11-22 19:15:00
prion
prion
Remote code execution
2022-11-22 19:15:00
thn
thn
github
github
Code injection in quarkus dev ui config editor
2022-11-22 21:30:17
veracode
veracode
Remote Code Execution (RCE)
2022-11-30 04:15:38
redhatcve
redhatcve
CVE-2022-4116
2022-11-22 08:26:03
redhat
redhat
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Related for CNVD-2022-86318