Lucene search
HistoryDec 27, 2022 - 3:15 p.m.
CVE-2022-4734
cve-2022-4734
information security
github
repository
data storage
data transfer
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.2%
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.
Affected configurations
Node
usememosmemosRange<0.9.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| usememos:memos | usememos memos | lt | 0.9.1 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "usememos/memos",
"vendor": "usememos",
"versions": [
{
"lessThan": "0.9.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
osv
osv
usememos/memos may leak user information to an authenticated user
2022-12-27 15:30:19
CVE-2022-4734
2022-12-27 15:15:12
prion
prion
Input validation
2022-12-27 15:15:00
veracode
veracode
Information Disclosure
2023-01-03 09:56:37
github
github
usememos/memos may leak user information to an authenticated user
2022-12-27 15:30:19
nvd
nvd
CVE-2022-4734
2022-12-27 15:15:12
huntr
huntr
Email exposure of users to an authorized user
2022-12-22 19:59:22
cvelist
cvelist
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.2%
Related for CVE-2022-4734