CVE-2023-5720

high

Description

A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2245700

https://access.redhat.com/security/cve/CVE-2023-5720

Details

Source: Mitre, NVD

Published: 2023-11-15

Updated: 2023-11-30

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N