First published: Tue Nov 22 2022(Updated: )
A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Build Of Quarkus | ||
Quarkus Quarkus | <2.13.5 | |
Quarkus Quarkus | >=2.14.0<2.14.2 | |
<2.13.5 | ||
>=2.14.0<2.14.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue in quarkus is CVE-2022-4116.
The severity of CVE-2022-4116 is high with a score of 7.5.
You can find more information about CVE-2022-4116 at the following references: [CVE-2022-4116](https://www.cve.org/CVERecord?id=CVE-2022-4116), [NVD](https://nvd.nist.gov/vuln/detail/CVE-2022-4116), [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=2144748), [Red Hat Errata](https://access.redhat.com/errata/RHSA-2022:9023).
The affected software for CVE-2022-4116 is quarkus.
The CWE ID for this vulnerability is CWE-94.