CVE-2023-5720

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 15, 2023

Updated: Nov 30, 2023

CWE ID 526

Summary

CVE-2023-5720 is a vulnerability affecting Quarkus, an open-source application platform. This issue arises due to the platform's failure to sanitize artifacts created using the Gradle plugin. Consequently, build system information is not adequately protected, enabling an attacker to gain unauthorized access to sensitive data within the application. This vulnerability poses a significant risk, particularly for applications handling confidential information, and requires immediate attention and remediation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Quarkus

Affected Vendors

Quarkus

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tHA1FK
https://www.cve.org/CVERecord?id=CVE-2023-5720
https://nvd.nist.gov/vuln/detail/CVE-2023-5720

Back to Vulnerability Database