Lucene search
K

6 matches found

Snyk
Snyk
added 2026/06/17 12:0 a.m.6 views

Path Equivalence

Overview Affected versions of this package are vulnerable to Path Equivalence in the pathWithoutMatrixParams of AbstractPathMatchingHttpSecurityPolicy via specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes in the request path. An attacker can gain unauthorized...

8.7CVSS5.9AI score0.00463EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/04 5:20 p.m.11 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization when handling HTTP request paths that have had normalizedPath applied. An attacker can gain unauthorized access to protected resources by appending a semicolon and arbitrary text to the request URL, exploiting...

8.8CVSS6AI score0.00444EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/05/04 5:20 p.m.8 views

com.github.fmcejudo:quarkus-eureka (>=1.0.0 <=1.1.1), com.github.fmcejudo:quarkus-eureka-deployment (>=1.0.0 <=1.1.1) +70 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-undertow (>=3.0.0.Alpha1 <=3.20.6)

io.quarkus:quarkus-undertow MAVEN version =3.0.0.Alpha1, =1.0.0, =1.0.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0, =2.0.0, =24.0.0, =24.8.3, =9.2.3, =0.23.0, =0.11.2, =0.24.5 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420253...

8.8CVSS5.7AI score0.00444EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/09/20 12:30 p.m.9 views

com.github.fmcejudo:quarkus-eureka (>=1.0.0 <=1.2.0), com.github.fmcejudo:quarkus-eureka-deployment (>=1.0.0 <=1.2.0) +72 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-undertow (>=3.0.0.Alpha1 <=3.2.5.Final)

io.quarkus:quarkus-undertow MAVEN version =3.0.0.Alpha1, =1.0.0, =1.0.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =1.0.0, =2.0.0, =2.0.0, =24.0.0, =24.8.3, =9.2.3, =0.23.0, =0.24.5 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1CVSS7.2AI score0.01215EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/09/20 12:30 p.m.4 views

com.github.adminfaces:quarkus-omnifaces (>=1.1.0 <=1.4.0), com.github.adminfaces:quarkus-omnifaces-deployment (>=1.1.0 <=1.4.0) +267 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-undertow (>=0.11.0 <=2.16.10.Final)

io.quarkus:quarkus-undertow MAVEN version =0.11.0, =1.1.0, =1.1.0, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0-RC3, =1.0.0-RC3, =1.0.0-rc2 - com.vaadin:vaadin-quarkus =1.1.4 and more Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1CVSS7.2AI score0.01215EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/09/20 12:30 p.m.5 views

com.github.mcollovati:quarkus-hilla (>=2.0.0 <=2.0.1), com.github.mcollovati:quarkus-hilla-deployment (>=2.0.0 <=2.0.1) +8 more potentially affected by CVE-2023-4853 via io.quarkus:quarkus-undertow (>=3.3.0 <=3.3.2)

io.quarkus:quarkus-undertow MAVEN version =3.3.0, =2.0.0, =2.0.0, =3.3.0, =3.3.0, =3.3.0, =3.3.2 Source cves: CVE-2023-4853 Source advisory: OSV:GHSA-4F4R-WGV2-JJVG...

8.1CVSS7.2AI score0.01215EPSS
Exploits1
Rows per page
Query Builder