A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-4116
- https://access.redhat.com/security/cve/CVE-2022-4116
- https://bugzilla.redhat.com/show_bug.cgi?id=2144748
- https://github.com/quarkusio/quarkus/discussions/29527
- https://github.com/quarkusio/quarkus/discussions/29527#discussioncomment-4387809
- https://github.com/advisories/GHSA-g56w-cwg4-hxx9