CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS protocol. | 8.1 |
High |
||
It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks. | 6.1 |
Medium |