CVE-2024-1979 LOW

CVE-2024-1979: Quarkus: information leak in annotation

Vendor Red Hat
Product Red Hat build of Quarkus
Weakness CWE-200 · Info exposure
Published March 13, 2024
Last update November 20, 2025

CVSS base score

3.5/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk.

Key dates

02Disclosure timeline

March 13, 2024 CVE published
November 20, 2025 Record updated