Information Exposure

Quarkus-core is vulnerable to Information Exposure. The vulnerability is due to the capture of local environment variables from the Quarkus namespace during the build process, leading to applications inheriting potentially sensitive or test-specific settings at runtime...

quarkus-core leaks local environment variables from Quarkus namespace during application's build

A vulnerability was found in the quarkus-core component. Quarkus captures the local environment variables from the Quarkus namespace during the application's build. Thus, running the resulting application inherits the values captured at build time. However, some local environment variables may ha...

CVE-2024-2700

A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been...

PT-2024-21609 · Quarkus · Quarkus

Name of the Vulnerable Software and Affected Versions: Quarkus affected versions not specified Description: A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, and the resulting applicatio...

Malicious Package

nodetest199 is a malicious package. The package contains malicious code in index.js which sends local environment variables to a remote server. The malicious code does not execute upon installation...