Welcome to Briefly!
Quickly sign up or login to read, highlight, and comment on this article.
image credit
Information security
Developers Warned of Critical Remote Code Execution Flaw in Quarkus Java Framework | SecurityWeek.Com
Developers have been warned that the popular Quarkus framework is affected by a critical vulnerability that could lead to remote code execution.Available since 2019, Quarkus is an open source Kubernetes-native Java framework designed for GraalVM and HotSpot virtual machines.Tracked as CVE-2022-4116 (CVSS score of 9.8), the security defect was identified in the Dev UI Config Editor and can be exploited via drive-by localhost attacks.
There's nothing here yet.