CVE-2023-5720

Quarkus does not properly sanitize artifacts created from its use of the Gradle plugin, allowing certain build system information to remain (package: maven/io.quarkus/quarkus-project)

Identifiers

GHSA-p62q-5483-h57v, CVE-2023-5720

Package Slug

maven/io.quarkus/quarkus-project

Vulnerability

Quarkus does not properly sanitize artifacts created from its use of the Gradle plugin, allowing certain build system information to remain

Description

A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.

Affected Versions

All versions starting from 3.0.0.cr1 up to 3.5.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-11-16
