Описание
Code injection in quarkus dev ui config editor
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
Пакеты
io.quarkus:quarkus-vertx-http-deployment
>= 2.14.0, < 2.14.2.Final
2.14.2.Final
io.quarkus:quarkus-vertx-http-deployment
< 2.13.5.Final
2.13.5.Final
Связанные уязвимости
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
Уязвимость компонента Dev UI Config Editor Java-фреймворка quarkus, позволяющая нарушителю выполнить произвольный код