| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2023-5675 | Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used. | - | - | Medium | 6.5 | 2024-04-25 15:44:56 |
| CVE-2024-1132 | Keycloak: path transversal in redirection validation | - | - | High | 8.1 | 2024-04-17 13:21:19 |
| CVE-2024-2700 | Quarkus-core: leak of local configuration properties into quarkus applications | - | - | High | 7.0 | 2024-04-04 13:46:40 |
| CVE-2024-1300 | Io.vertx:vertx-core: memory leak when a tcp server is configured with tls and sni support | - | - | Medium | 5.4 | 2024-04-02 07:33:05 |
| CVE-2024-1023 | Io.vertx/vertx-core: memory leak due to the use of netty fastthreadlocal data structures in vertx | - | - | Medium | 6.5 | 2024-03-27 07:51:16 |
| CVE-2024-1979 | Quarkus: information leak in annotation | - | - | Low | 3.5 | 2024-03-13 09:41:25 |
| CVE-2024-1635 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol | - | - | High | 7.5 | 2024-02-19 21:23:14 |
| CVE-2024-1459 | Undertow: directory traversal vulnerability | - | - | Medium | 5.3 | 2024-02-12 20:30:04 |
| CVE-2023-6267 | Quarkus: json payload getting processed prior to security checks when rest resources are used with annotations. | Red Hat | Red Hat build of Quarkus 2.13.9.Final | High | 8.6 | 2024-01-25 18:12:45 |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 |
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 |
| CVE-2023-6394 | Quarkus: graphql operations over websockets bypass | Red Hat | Red Hat build of Quarkus 2.13.9.Final | High | 7.4 | 2023-12-09 01:26:53 |
| CVE-2023-6393 | Quarkus: potential invalid reuse of context when @cacheresult on a uni is used | Red Hat | Red Hat build of Quarkus 2.13.9.Final | Medium | 5.3 | 2023-12-06 16:58:54 |
| CVE-2023-1584 | Quarkus-oidc: id and access tokens leak via the authorization code flow | - | - | High | 7.5 | 2023-10-04 10:47:38 |
| CVE-2023-3223 | Undertow: outofmemoryerror due to @multipartconfig handling | Red Hat | Red Hat Fuse 7.12.1 | High | 7.5 | 2023-09-27 13:54:45 |
| CVE-2022-4245 | Codehaus-plexus: xml external entity (xxe) injection | Red Hat | RHINT Camel-K-1.10.1 | Medium | 4.3 | 2023-09-25 19:20:57 |
| CVE-2022-4244 | Codehaus-plexus: directory traversal | Red Hat | RHINT Camel-K-1.10.1 | High | 7.5 | 2023-09-25 19:20:05 |
| CVE-2023-4853 | Quarkus: http security policy bypass | Red Hat | Openshift Serverless 1 on RHEL 8 | High | 8.1 | 2023-09-20 09:47:32 |
| CVE-2023-1108 | Undertow: infinite loop in sslconduit during close | - | - | High | 7.5 | 2023-09-14 14:48:59 |
| CVE-2022-1415 | Drools: unsafe data deserialization in streamutils | Red Hat | RHPAM 7.13.1 async | High | 8.1 | 2023-09-11 20:20:24 |