Home > Vulnerability Database > CVE-2023-5720

Mend.io Vulnerability Database

CVE-2023-5720

Good to know:

Date: November 15, 2023

A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.

Severity Score

7.7

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-5720

Url: https://access.redhat.com/security/cve/CVE-2023-5720

Url: https://github.com/quarkusio/quarkus

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2245700

Url: https://www.mend.io/vulnerability-database/CVE-2023-5720

Severity Score

7.7

Weakness Type (CWE)

Cleartext Storage of Sensitive Information in an Environment Variable

CWE-526

CVSS v3.1

Base Score:	7.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-5720

Good to know:

Date: November 15, 2023

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?