Lucene search
GitHub Advisory DatabaseGHSA-PPM5-JV84-2XG2HistoryJun 25, 2024 - 5:26 p.m.
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-2517:26:56
CWE-1295
GitHub Advisory Database
github.com
5
aimeos
html client
sensitive information
error log
laravel
multi-vendor setups
admin access
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Impact
Debug information can reveal sensitive information from environment variables in error log
Affected platform
Laravel environments with multi-vendor setups and admin access for the vendors
Affected configurations
Node
aimeosai-client-htmlRange<2021.10.22
ORaimeosai-client-htmlRange<2022.10.13
ORaimeosai-client-htmlRange<2023.10.15
ORaimeosai-client-htmlRange<2024.04.7
Related
osv
osv
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 17:26:56
CVE-2024-38516
2024-06-25 21:15:59
nvd
nvd
CVE-2024-38516
2024-06-25 21:15:59
gitlab
gitlab
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 00:00:00
cvelist
cvelist
vulnrichment
vulnrichment
cve
cve
CVE-2024-38516
2024-06-25 21:15:59
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for GHSA-PPM5-JV84-2XG2