Lucene search
GoogleOSV:GHSA-PPM5-JV84-2XG2HistoryJun 25, 2024 - 5:26 p.m.
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-2517:26:56
Google
osv.dev
2
aimeos html client
sensitive information
error log
environment variables
laravel
multi-vendor setups
admin access
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Impact
Debug information can reveal sensitive information from environment variables in error log
Affected platform
Laravel environments with multi-vendor setups and admin access for the vendors
Related
nvd
nvd
CVE-2024-38516
2024-06-25 21:15:59
cve
cve
CVE-2024-38516
2024-06-25 21:15:59
github
github
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 17:26:56
gitlab
gitlab
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 00:00:00
osv
osv
CVE-2024-38516
2024-06-25 21:15:59
cvelist
cvelist
vulnrichment
vulnrichment
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for OSV:GHSA-PPM5-JV84-2XG2