Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-6460
HistoryDec 04, 2023 - 1:15 p.m.

Code injection

2023-12-0413:15:00
PRIOn knowledge base
www.prio-n.com
4
code injection
logging
firestore key
nodejs
security update
nvd

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue

CPENameOperatorVersion
cloud_firestorelt6.1.0

Related

github 1
cve 1
osv 2
veracode 1
nvd 1
ibm 1
cvelist 1
github
github
Logging of the firestore key within nodejs-firestore
2023-12-04 15:31:55
cve
cve
CVE-2023-6460
2023-12-04 13:15:07
osv
osv
CVE-2023-6460
2023-12-04 13:15:07
Logging of the firestore key within nodejs-firestore
2023-12-04 15:31:55
veracode
veracode
Sensitive Information Disclosure
2023-12-05 10:19:16
nvd
nvd
CVE-2023-6460
2023-12-04 13:15:07
ibm
ibm
Security Bulletin: IBM Maximo Application Suite uses firestore-4.15.1.tgz which is vulnerable to CVE-2023-6460
2024-04-01 07:39:28
cvelist
cvelist
CVE-2023-6460 Information leak in nodejs-firestore
2023-12-04 12:26:29

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for PRION:CVE-2023-6460
github1cve1osv2veracode1nvd1ibm1cvelist1