Maven package
io.quarkus/quarkus-core
pkg:maven/io.quarkus/quarkus-core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-2700 | Hig | 7.0 | >= 3.9.0.CR1, < 3.9.2 | 3.9.2 | Apr 4, 2024 | A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variabl | |
| CVE-2023-2974 | — | < 2.16.8.Final | 2.16.8.Final | Jul 4, 2023 | A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS protocol. |
- affected >= 3.9.0.CR1, < 3.9.2fixed 3.9.2
A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variabl
- CVE-2023-2974Jul 4, 2023affected < 2.16.8.Finalfixed 2.16.8.Final
A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS protocol.