Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2022/12/14 1:15 p.m.96 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

9.8CVSS7.1AI score0.99931EPSS
Exploits46References11
RedHat Linux
RedHat Linux
added 2022/12/13 1:20 p.m.48 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus Platform 2.7.6.SP3 and security update

An update is now available for Red Hat build of Quarkus Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

9.8CVSS7.1AI score0.32516EPSS
Exploits1References7
Circl
Circl
added 2022/12/06 10:40 p.m.9 views

CVE-2022-4147

creationtimestamp| type| source ---|---|--- 2022-12-06 22:40:59+00:00| seen| https://t.me/cibsecurity/54091...

7.5CVSS7.7AI score0.00577EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/12/06 9:30 p.m.5 views

br.com.labbs:quarkus-monitor (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +1513 more potentially affected by CVE-2022-4147 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=2.13.4.Final)

io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.1.5, =0.1.5, =1.0.2, =1.0.2, =1.0.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.0.22, =1.0.22, =1.0.30 and more Source cves: CVE-2022-4147 Source advisory: OSV:GHSA-9895-G6X5-XWCP...

7.5CVSS7.1AI score0.00577EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/12/06 9:30 p.m.4 views

com.abavilla:fpi-bot-api (>=1.2.0 <=1.4.2), com.abavilla:fpi-bot-api-core (>=1.2.0 <=1.3.1) +696 more potentially affected by CVE-2022-4147 via io.quarkus:quarkus-vertx-http (>=2.14.0.CR1 <=2.14.1.Final)

io.quarkus:quarkus-vertx-http MAVEN version =2.14.0.CR1, =1.2.0, =1.2.0, =1.2.0, =1.3.2, =1.5.0, =1.5.0, =1.2.1, =1.2.1, =1.2.1, =1.3.2, =1.2.0, =1.2.0, =1.2.0, =1.3.3, =1.4.1 - com.abavilla:fpi-meta-plugin =1.0.19 and more Source cves: CVE-2022-4147 Source advisory: OSV:GHSA-9895-G6X5-XWCP...

7.5CVSS7.1AI score0.00577EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/12/06 12:0 a.m.6 views

CVE-2022-4147

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...

7.5AI score0.00577EPSS
Exploits0References1
CVE
CVE
added 2022/12/06 12:0 a.m.139 views

CVE-2022-4147

CVE-2022-4147 affects the Quarkus CORS filter. The issue allows simple GET/POST requests with an invalid Origin to proceed, potentially enabling cross-origin abuse. The description in multiple sources notes that such requests (e.g., XMLHttpRequest-based) can bypass origin checks when the request ...

7.5CVSS7.5AI score0.00577EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder