Is Quarkus 3.12.3 patched?
Current stable (3.36.2): 100/100
3.12.3 has 2 open critical-or-high vulnerabilities. Run 3.20.6.1 or later to clear them. See what 3.20.6.1 fixes →
Summary iPlain-English security status for Quarkus 3.12.3, built from its CVEs, active-exploitation data, end-of-life date and latest release.
Quarkus 3.12.3 is part of the 3.12 release line. 3 known vulnerabilities affect it. The minimum safe version is 3.20.6.1 — upgrade to it or later to clear the open critical/high issues. The 3.12 line reached end-of-life on 2024-07-31, so it no longer receives security patches. The latest supported Quarkus release is 3.36.2.
Known issues affecting 3.12.3
Exploited first, then by exploitation probability.
CVE-2025-66560 MEDIUM EPSS 0% → fixed in 3.31.0 CVE-2024-12225 CRITICAL EPSS 0% → fixed in 3.15.3.1 CVE-2026-39852 HIGH EPSS 0% → fixed in 3.35.2Other Quarkus versions
Check another release line of Quarkus.
Frequently asked
Is Quarkus 3.12.3 patched?
Quarkus 3.12.3 is end-of-life and no longer receives security patches. Move to 3.36.2.
What version should I upgrade Quarkus 3.12.3 to?
Upgrade Quarkus 3.12.3 to at least 3.20.6.1 to clear its 2 open critical-or-high vulnerabilities.
When does Quarkus 3.12 reach end-of-life?
Quarkus 3.12 reached end-of-life on 2024-07-31 and no longer receives security patches.
What is the latest version of Quarkus?
The latest supported Quarkus release is 3.36.2.
Is Quarkus 3.12.3 still receiving security updates?
No — Quarkus 3.12.3 is on the 3.12 line, which reached end-of-life on 2024-07-31 and no longer receives security updates. Upgrade to 3.36.2 or later to stay supported.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Red Hat's official advisory before you patch or upgrade — Quarkus official site ↗