Description
A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.
Remediation
References
https://access.redhat.com/security/cve/CVE-2023-5720
https://bugzilla.redhat.com/show_bug.cgi?id=2245700
Related Vulnerabilities
CVE-2022-33683 Vulnerability in maven package org.apache.pulsar:pulsar-broker
CVE-2023-27490 Vulnerability in npm package next-auth
CVE-2013-4286 Vulnerability in maven package org.apache.tomcat:coyote
CVE-2016-4434 Vulnerability in maven package org.apache.tika:tika-bundle
CVE-2020-16037 Vulnerability in maven package org.webjars.npm:electron