pkg:maven/io.quarkus/quarkus-core
Type
maven
Namespace
io.quarkus
Name
quarkus-core
Known advisories, vulnerabilities and fixes for io.quarkus/quarkus-core package.
High
1
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.16.8.Final |
CVE-2023-2974
|
MAVEN:GHSA-3FHX-3VVG-2J84 | quarkus-core vulnerable to client driven TLS cipher downgrading | moderate |
2023-07-04T15:30:18
(14 months ago) |
|
Fixed | = 2.16.8.Final |
CVE-2023-2974
|
MAVEN:GHSA-3FHX-3VVG-2J84 | quarkus-core vulnerable to client driven TLS cipher downgrading | moderate |
2023-07-04T15:30:18
(14 months ago) |
|
Affected | <= 3.9.1 |
CVE-2024-2700
|
MAVEN:GHSA-F8H5-V2VG-46RR | quarkus-core leaks local environment variables from Quarkus namespace during application's build | high |
2024-04-04T15:30:34
(5 months ago) |
|
Fixed | = 3.9.2 |
CVE-2024-2700
|
MAVEN:GHSA-F8H5-V2VG-46RR | quarkus-core leaks local environment variables from Quarkus namespace during application's build | high |
2024-04-04T15:30:34
(5 months ago) |