6 matches found
EUVD-2022-7578
Malicious code in bioql PyPI...
quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no...
CVE-2022-4147
Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...
PT-2022-25877 · Quarkus · Quarkus
Name of the Vulnerable Software and Affected Versions: Quarkus affected versions not specified Description: The Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. This issue affects simple GET or POST requests made with XMLHttpRequest, specifically those with ...
CVE-2022-4147
Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...
CVE-2022-4147
CVE-2022-4147 affects the Quarkus CORS filter. The issue allows simple GET/POST requests with an invalid Origin to proceed, potentially enabling cross-origin abuse. The description in multiple sources notes that such requests (e.g., XMLHttpRequest-based) can bypass origin checks when the request ...