CVE-2022-0981 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-0981 PUBLISHED CVSS 8.800000190734863 HIGH

A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.

EPSS 0.24% · 47.2th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.24%

47.2th percentile

Affected Products

Vendor	Product	Versions
n/a	quarkus	quarkus 2.7.1.Final
quarkus	quarkus	0

Timeline

Mar 23, 2022 CVE Published
Mar 24, 2022 EPSS Score
May 13, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Aug 23, 2022 EPSS Score
Oct 12, 2022 EPSS Score
Dec 2, 2022 EPSS Score
Jan 21, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 12, 2023 EPSS Score
May 2, 2023 EPSS Score
Jun 21, 2023 EPSS Score

References

Open in Interactive Console →