io.quarkus:quarkus-vertx-http@1.10.3.Final vulnerabilities
-
latest version
3.10.0
-
latest non vulnerable version
-
first published
5 years ago
-
latest version published
a month ago
-
licenses detected
- [0.23.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the io.quarkus:quarkus-vertx-http package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
io.quarkus:quarkus-vertx-http is a Cloud Native, (Linux) Container First framework for writing Java applications. Affected versions of this package are vulnerable to Access Restriction Bypass when using HTTP security path-based rules to protect HTTP endpoints. This issue allows unauthorized access to secured paths—such as How to fix Access Restriction Bypass? Upgrade |
[,2.16.11.Final)
[3.2.0,3.2.6.Final)
[3.3.0,3.3.3)
|
io.quarkus:quarkus-vertx-http is a Cloud Native, (Linux) Container First framework for writing Java applications. Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') such that the TLS protocol configured with How to fix Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')? Upgrade |
[,2.16.8.Final)
[3.0.0.Alpha1,3.2.1.Final)
|
io.quarkus:quarkus-vertx-http is a Cloud Native, (Linux) Container First framework for writing Java applications. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, if the Quarkus Form Authentication session cookie Path attribute is set to Note: This attack can be prevented with the Quarkus CSRF Prevention feature. How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.13.7.Final)
|
io.quarkus:quarkus-vertx-http is a Cloud Native, (Linux) Container First framework for writing Java applications. Affected versions of this package are vulnerable to Access Restriction Bypass via the How to fix Access Restriction Bypass? Upgrade |
[,2.7.7.Final)
[2.8.0.CR1,2.13.5.Final)
[2.14.0.CR1,2.14.2.Final)
|