Lucene search
K

30 matches found

Snyk
Snyk
added 2026/06/17 12:0 a.m.7 views

Path Equivalence

Overview io.quarkus:quarkus-vertx-http is a Cloud Native, Linux Container First framework for writing Java applications. Affected versions of this package are vulnerable to Path Equivalence in the pathWithoutMatrixParams of AbstractPathMatchingHttpSecurityPolicy via specially crafted HTTP request...

8.7CVSS5.9AI score0.00451EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.9 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.5AI score0.00444EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.16 views

Important: Red Hat Security Advisory: HawtIO 4.4.0 for Red Hat build of Apache Camel 4 Release and security update.

HawtIO 4.4.0 for Red Hat build of Apache Camel 4 GA Release is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update ...

10CVSS7.3AI score0.01945EPSS
Exploits10References1
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.5 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.22 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1)

An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

9.3CVSS5.9AI score0.00758EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.10 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.5 views

io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/05 3:12 a.m.20 views

CVE-2026-39852

A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected...

8.8CVSS5.8AI score0.00444EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/05/04 5:20 p.m.8 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=1.20.1) +2517 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=3.20.6)

io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.2, =0.0.5 and more Source cves: CVE-2026-39852 Source advisory: OSV:GHSA-RC95-PCM8-65V9...

8.8CVSS5.7AI score0.00444EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/04 5:20 p.m.11 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.9.38 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.9.38 <=1.20.1) +1591 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-vertx-http (>=3.0.0.Alpha1 <=3.20.6)

io.quarkus:quarkus-vertx-http MAVEN version =3.0.0.Alpha1, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.2, =0.0.1, =0.0.5 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420254...

8.8CVSS5.7AI score0.00444EPSS
Exploits0
Snyk
Snyk
added 2026/05/04 5:20 p.m.7 views

Incorrect Authorization

Overview io.quarkus:quarkus-vertx-http is a Cloud Native, Linux Container First framework for writing Java applications. Affected versions of this package are vulnerable to Incorrect Authorization when handling HTTP request paths that have had normalizedPath applied. An attacker can gain...

8.8CVSS6AI score0.00444EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/10 11:54 a.m.6 views

Improper Output Neutralization for Logs

Overview io.quarkus:quarkus-vertx-http is a Cloud Native, Linux Container First framework for writing Java applications. Affected versions of this package are vulnerable to Improper Output Neutralization for Logs in the HTTP access logs with long pattern when the logging format is set to a verbos...

5.1CVSS5.6AI score0.00141EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/02/10 11:54 a.m.9 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.9.38 <=1.26.2), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.9.38 <=1.26.2) +1739 more potentially affected by CVE-2025-11537 via io.quarkus:quarkus-vertx-http (>=3.0.0.Alpha1 <=3.27.1)

io.quarkus:quarkus-vertx-http MAVEN version =3.0.0.Alpha1, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.0.6, =0.0.1, =0.0.6, =0.0.6, =0.0.6, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.5 and more Source cves: CVE-2025-11537 Source advisory: SNYK:JAVA-IOQUARKUS-15265250...

5CVSS5.7AI score0.00141EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 5:47 p.m.7 views

ai.pipestream.module:module-chunker (=0.1.1), ai.pipestream.module:module-echo (=0.1.1) +459 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.28.0.CR1 <=3.30.8)

io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.28.0.CR1, =0.0.2, =0.1.1, =0.1.1, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.7, =0.1.9 and more Source cves: CVE-2025-66560 Source advisory: SNYK:JAVA-IOQUARKUSVERTXUTILS-14897052...

7.5CVSS5.7AI score0.00349EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 5:47 p.m.9 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=1.21.0 <=1.26.2), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=1.21.0 <=1.26.2) +590 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.21.0.CR1 <=3.27.1)

io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.21.0.CR1, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =0.0.6, =0.0.6, =0.0.6, =0.0.8, =0.1.0-RC15, =0.1.0-RC15, =0.1.0-RC14, =0.1.0-RC25 and mor...

7.5CVSS5.4AI score0.00349EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 5:47 p.m.7 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=1.12.0 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=1.12.0 <=1.20.1) +914 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.12.0 <=3.20.4)

io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.12.0, =1.12.0, =1.12.0, =1.12.0, =1.12.0, =1.12.0, =1.12.0, =0.0.1, =0.0.4, =0.0.1, =0.0.1, =0.0.1, =3.15.3, =3.15.3, =0.2.0.0, =0.4.8.0, =0.7.0.2 and more Source cves: CVE-2025-66560 Source advisory: SNYK:JAVA-IOQUARKUSVERTXUTILS-148970...

7.5CVSS5.7AI score0.00349EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/08/07 10:51 a.m.7 views

io.quarkus/quarkus-vertx: Quarkus potential data leak

A data leak vulnerability has been discovered in the io.quarkus:quarkus-vertx package. This flaw can lead to information disclosure if a Vert.x context that has already been duplicated is subsequently duplicated again. In such a scenario, sensitive data residing within that context may be...

6.4CVSS5.7AI score0.0025EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/08/01 5:42 p.m.5 views

io.quarkus/quarkus-vertx: Quarkus potential data leak

A data leak vulnerability has been discovered in the io.quarkus:quarkus-vertx package. This flaw can lead to information disclosure if a Vert.x context that has already been duplicated is subsequently duplicated again. In such a scenario, sensitive data residing within that context may be...

6.4CVSS5.7AI score0.0025EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2025/06/23 6:53 p.m.2 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=1.15.0), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=1.15.0) +3074 more potentially affected by CVE-2025-49574 via io.quarkus:quarkus-vertx (>=0.11.0 <=3.15.5)

io.quarkus:quarkus-vertx MAVEN version =0.11.0, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.1.0-quarkus-3.15-RC2, =0.1.0-quarkus-3.15-RC2, =1.0.4, =1.0.4, =0.0.2-alpha, =0.0.3-alpha, =0.0.10-alpha, =1.3.0-alpha-0 - br.com.senior:seniorx-integration-parameters-api...

6.4CVSS5.3AI score0.0025EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/09/21 7:7 p.m.52 views

Important: Red Hat Security Advisory: Red Hat Integration Camel K 1.10.2 release security update

Red Hat Integration Camel K 1.10.2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS7.2AI score0.01215EPSS
Exploits1References4
Rows per page
Query Builder