Lucene search
K

25 matches found

NVD
NVD
added 11 hours ago4 views

CVE-2026-40859

Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter...

8.1CVSS
Exploits0References2
CVE
CVE
added 12 hours ago6 views

CVE-2026-40859

Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter...

8.1CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added 12 hours ago6 views

CVE-2026-40859 Apache Camel: Camel-Vertx-Http: Unsafe Java deserialization of HTTP response bodies via a raw ObjectInputStream when transferException is enabled

Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter...

Exploits0References1
ATTACKERKB
ATTACKERKB
added 12 hours ago3 views

CVE-2026-40859

Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter...

6.7AI score
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/17 12:0 a.m.7 views

Path Equivalence

Overview io.quarkus:quarkus-vertx-http is a Cloud Native, Linux Container First framework for writing Java applications. Affected versions of this package are vulnerable to Path Equivalence in the pathWithoutMatrixParams of AbstractPathMatchingHttpSecurityPolicy via specially crafted HTTP request...

8.7CVSS5.9AI score0.00451EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.5 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.22 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1)

An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

9.3CVSS5.9AI score0.00758EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.10 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.5 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/05/04 5:20 p.m.8 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=1.20.1) +2517 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=3.20.6)

io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.2, =0.0.5 and more Source cves: CVE-2026-39852 Source advisory: OSV:GHSA-RC95-PCM8-65V9...

8.8CVSS5.7AI score0.00444EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/04 5:20 p.m.11 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.9.38 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.9.38 <=1.20.1) +1591 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-vertx-http (>=3.0.0.Alpha1 <=3.20.6)

io.quarkus:quarkus-vertx-http MAVEN version =3.0.0.Alpha1, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.2, =0.0.1, =0.0.5 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420254...

8.8CVSS5.7AI score0.00444EPSS
Exploits0
Snyk
Snyk
added 2026/05/04 5:20 p.m.8 views

Incorrect Authorization

Overview io.quarkus:quarkus-vertx-http is a Cloud Native, Linux Container First framework for writing Java applications. Affected versions of this package are vulnerable to Incorrect Authorization when handling HTTP request paths that have had normalizedPath applied. An attacker can gain...

8.8CVSS6AI score0.00444EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/10 11:54 a.m.6 views

Improper Output Neutralization for Logs

Overview io.quarkus:quarkus-vertx-http is a Cloud Native, Linux Container First framework for writing Java applications. Affected versions of this package are vulnerable to Improper Output Neutralization for Logs in the HTTP access logs with long pattern when the logging format is set to a verbos...

5.1CVSS5.6AI score0.00141EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/02/10 11:54 a.m.9 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.9.38 <=1.26.2), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.9.38 <=1.26.2) +1739 more potentially affected by CVE-2025-11537 via io.quarkus:quarkus-vertx-http (>=3.0.0.Alpha1 <=3.27.1)

io.quarkus:quarkus-vertx-http MAVEN version =3.0.0.Alpha1, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.0.6, =0.0.1, =0.0.6, =0.0.6, =0.0.6, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.5 and more Source cves: CVE-2025-11537 Source advisory: SNYK:JAVA-IOQUARKUS-15265250...

5CVSS5.7AI score0.00141EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/09/21 7:7 p.m.52 views

Important: Red Hat Security Advisory: Red Hat Integration Camel K 1.10.2 release security update

Red Hat Integration Camel K 1.10.2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS7.2AI score0.01215EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2023/09/20 12:30 p.m.5 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (=1.2.0), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (=1.2.0) +240 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-vertx-http (>=3.3.0 <=3.3.2)

io.quarkus:quarkus-vertx-http MAVEN version =3.3.0, =0.0.10, =1.8.1, =1.8.1, =1.8.6, =1.8.6, =1.9.0, =1.9.0, =1.10.1, =1.10.1, =1.10.3 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1CVSS7.2AI score0.01215EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/09/20 12:30 p.m.7 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +1900 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-vertx-http (>=3.0.0.Alpha1 <=3.2.5.Final)

io.quarkus:quarkus-vertx-http MAVEN version =3.0.0.Alpha1, =0.1.0, =0.1.0, =0.0.2, =0.1.1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.10 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1CVSS7.2AI score0.01215EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/09/20 12:30 p.m.3 views

br.com.labbs:quarkus-monitor (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +1653 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=2.16.10.Final)

io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.1.5, =0.1.5, =1.0.2, =1.0.2, =1.0.2, =1.3.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.3.2, =1.5.1 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1CVSS7.2AI score0.01215EPSS
Exploits1
Veracode
Veracode
added 2023/03/01 2:13 a.m.29 views

Cross-site Scripting (XSS)

quarkus-vertx-http is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the library's form authentication session cookie path attribute is set to /, which allows an attacker to redirect malicious URLs, resulting in information disclosure...

6.1CVSS6.3AI score0.0055EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2023/02/23 9:30 p.m.6 views

br.com.labbs:quarkus-monitor (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +1517 more potentially affected by CVE-2023-0044 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=2.13.6.Final)

io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.1.5, =0.1.5, =1.0.2, =1.0.2, =1.0.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.0.22, =1.0.22, =1.0.30 and more Source cves: CVE-2023-0044 Source advisory: OSV:GHSA-C57V-HC7M-8PX2...

6.1CVSS6.2AI score0.0055EPSS
Exploits0
Rows per page
Query Builder