CRITICAL🇬🇧 English

CVE-2022-4116

CVSS 9.8v3.1pub. 2022-11-22upd. 2025-04-29

A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Quarkus

    APP
    Quarkus
    < 2.13.52.14.0 – 2.14.2 (bez)
  • Red Hat Build Of Quarkus

    APP
    Redhat
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2024-12225CRITICAL9.1PL ✓ten sam produkt

Quarkus WebAuthn: pominięcie uwierzytelnienia przez domyślne endpointy REST

CVE-2022-2466CRITICAL9.8ten sam produkt

It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictab...

CVE-2021-26291CRITICAL9.1ten sam produkt

Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may ...

CVE-2026-50559HIGH7.5ten sam produkt

Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1...

CVE-2026-39852HIGH8.8ten sam produkt

Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3...