CVE-2024-37162

🗓️ 07 Jun 2024 15:50:15Reported by [email protected]Type

Zsa application transfers parse error stack to client, potentially revealing sensitive server information. Patched on `0.3.3`

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Veracode	Information Exposure	11 Jun 202406:03	–	veracode
OSV	CVE-2024-37162	7 Jun 202415:15	–	osv
OSV	GHSA-WJMJ-H3XC-HXP8 Generation of Error Message Containing Sensitive Information in zsa	6 Jun 202422:58	–	osv
CVE	CVE-2024-37162	7 Jun 202415:15	–	cve
Cvelist	CVE-2024-37162 zsa Generates Error Messages Containing Sensitive Information	7 Jun 202414:19	–	cvelist
RedhatCVE	CVE-2024-37162	23 May 202507:44	–	redhatcve
Vulnrichment	CVE-2024-37162 zsa Generates Error Messages Containing Sensitive Information	7 Jun 202414:19	–	vulnrichment
Github Security Blog	Generation of Error Message Containing Sensitive Information in zsa	6 Jun 202422:58	–	github

Nvd

Node

idopesok zsaRange<0.3.3

Source	Link
github	www.github.com/IdoPesok/zsa/security/advisories/GHSA-wjmj-h3xc-hxp8
github	www.github.com/IdoPesok/zsa/commit/86b86b282bde6780963f62406cc8bc65f2c86f3a

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Jun 2024 15:15Current

CVSS34 - 5.3

EPSS0.00138

CWE-209