Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat from this vulnerability is a threat to data confidentiality. This is fixed in SmallRye 1.6.2
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
SmallRye 安全漏洞
Vulnerability Description
SmallRye是SmallRye(Smallrye)团队的一款开源的MicroProfile(微服务架构优化协议)的实现。 SmallRye中的API存在安全漏洞。攻击者可利用该漏洞绕过权限检查,访问ClassLoader。
CVSS Information
N/A
Vulnerability Type
N/A