all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

Add to bookmarks
Dec. 1, 2022, 11:44 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems.
Tracked as CVE-2022-4116 (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges.
"The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by

critical framework java java framework javascript kubernetes rce red hat researchers vulnerability

Visit resource

More from thehackernews.com / The Hacker News

Severe Flaws Disclosed in Brocade SANnav SAN Management Software 11 hours ago | thehackernews.com
application area brocade compromise +17
10 Critical Endpoint Security Tips You Should Know 14 hours ago | thehackernews.com
breaches business connectivity critical +20
New 'Brokewell' Android Malware Spread Through Fake Browser Updates 14 hours ago | thehackernews.com
analysis android android malware banking +15
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack 14 hours ago | thehackernews.com
alto attack command critical +23
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites 19 hours ago | thehackernews.com
accounts admin automatic bug +18
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures 1 day, 8 hours ago | thehackernews.com
access actor binary called +19
Network Threats: A Step-by-Step Attack Demonstration 1 day, 14 hours ago | thehackernews.com
access advanced attack attackers +21
DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions 1 day, 14 hours ago | thehackernews.com
arrest arrests called criminal +17
Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny 1 day, 18 hours ago | thehackernews.com
address authority browser chrome +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer 2

@ Oracle | BENGALURU, KARNATAKA, India
View on infosec-jobs.com

Oracle EBS DevSecOps Developer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Information Security GRC Specialist - Risk Program Lead

@ Western Digital | Irvine, CA, United States
View on infosec-jobs.com

Senior Cyber Operations Planner (15.09)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

AI Cybersecurity Architect

@ FactSet | India, Hyderabad, DVS, SEZ-1 – Orion B4; FL 7,8,9,11 (Hyderabad - Divyasree 3)
View on infosec-jobs.com
View more jobs