Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Quarkus: potential invalid reuse of context when @cacheresult on a uni is used
Vulnerability Description
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contains sensitive information, and could allow a malicious user to benefit from a POST request returning the response that is meant for another user, gaining access to sensitive data.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Quarkus 安全漏洞
Vulnerability Description
Quarkus是一个用于编写 Java 应用程序的云原生 (Linux) 容器优先框架。 Quarkus存在安全漏洞。攻击者利用该漏洞可以获得对敏感数据的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A