Description
A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.
Remediation
References
https://access.redhat.com/security/cve/CVE-2023-5720
https://bugzilla.redhat.com/show_bug.cgi?id=2245700
Related Vulnerabilities
CVE-2023-40573 Vulnerability in maven package org.xwiki.platform:xwiki-platform-scheduler-api
CVE-2018-1999005 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2014-0119 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2018-20677 Vulnerability in npm package bootstrap-sass
CVE-2019-10083 Vulnerability in maven package org.apache.nifi:nifi-web