Vulnerability Details CVE-2023-5720
A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.2%
CVSS Severity
CVSS v3 Score 7.7
References
Products affected by CVE-2023-5720
-
cpe:2.3:a:quarkus:quarkus:3.0.0
-
cpe:2.3:a:quarkus:quarkus:3.0.1
-
cpe:2.3:a:quarkus:quarkus:3.0.2
-
cpe:2.3:a:quarkus:quarkus:3.0.3
-
cpe:2.3:a:quarkus:quarkus:3.0.4
-
cpe:2.3:a:quarkus:quarkus:3.1.0
-
cpe:2.3:a:quarkus:quarkus:3.1.1
-
cpe:2.3:a:quarkus:quarkus:3.1.2
-
cpe:2.3:a:quarkus:quarkus:3.1.3
-
cpe:2.3:a:quarkus:quarkus:3.2.0
-
cpe:2.3:a:quarkus:quarkus:3.2.1
-
cpe:2.3:a:quarkus:quarkus:3.2.2
-
cpe:2.3:a:quarkus:quarkus:3.2.3
-
cpe:2.3:a:quarkus:quarkus:3.2.4
-
cpe:2.3:a:quarkus:quarkus:3.2.5
-
cpe:2.3:a:quarkus:quarkus:3.2.6
-
cpe:2.3:a:quarkus:quarkus:3.2.7