10 matches found
EUVD-2023-3324
Malicious code in bioql PyPI...
Sensitive Information Disclosure
quarkus-cache is vulnerable to Sensitive Information Disclosure. The vulnerability arises due to improper processing of a request which utilizes a uni cache using @CacheResult. The cached uni can contain sensitive information from other POST requests, resulting in Sensitive Information Disclosure...
com.qwlabs.doraemon:feature-flags (>=0.2.257 <=0.2.290), com.qwlabs.doraemon:graphql (>=0.2.282 <=0.2.290) +10 more potentially affected by CVE-2023-6393 via io.quarkus:quarkus-cache (>=3.3.0.CR1 <=3.5.1)
io.quarkus:quarkus-cache MAVEN version =3.3.0.CR1, =0.2.257, =0.2.282, =0.2.281, =0.2.282, =0.2.257, =0.2.257, =0.2.257, =3.3.0.CR1, =3.3.0.CR1, =3.3.0.CR1, =3.3.0.CR1, =3.3.0.CR1, =3.5.1 Source cves: CVE-2023-6393 Source advisory: OSV:GHSA-XFV5-JQGP-VQHJ...
com.qwlabs.doraemon:feature-flags (>=0.2.239 <=0.2.256), com.qwlabs.doraemon:q-api (>=0.2.239 <=0.2.256) +8 more potentially affected by CVE-2023-6393 via io.quarkus:quarkus-cache (>=3.2.0.CR1 <=3.2.8.Final)
io.quarkus:quarkus-cache MAVEN version =3.2.0.CR1, =0.2.239, =0.2.239, =0.2.239, =0.2.239, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =2.0.17, =2.1.0-BETA-7 Source cves: CVE-2023-6393 Source advisory: OSV:GHSA-XFV5-JQGP-VQHJ...
GHSA-XFV5-JQGP-VQHJ Quarkus Cache Runtime exposes sensitive information to an unauthorized actor
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contain...
Quarkus Cache Runtime exposes sensitive information to an unauthorized actor
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contain...
CVE-2023-6393
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contain...
Design/Logic Flaw
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contain...
CVE-2023-6393
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contain...
PT-2023-32637 · Unknown · Quarkus Cache Runtime
Name of the Vulnerable Software and Affected Versions: Quarkus Cache Runtime affected versions not specified Description: A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the...