4 matches found
CVE-2025-62607
Nautobot Single Source of Truth SSoT is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access this page to view the Service Now public instance name e.g. companyname.service-now.com. This is considered low-value information. This does not expose the Secret, the...
CVE-2025-62607
Nautobot Single Source of Truth SSoT is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access this page to view the Service Now public instance name e.g. companyname.service-now.com. This is considered low-value information. This does not expose the Secret, the...
EUVD-2025-35304
Nautobot Single Source of Truth SSoT is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access this page to view the Service Now public instance name e.g. companyname.service-now.com. This is considered low-value information. This does not expose the Secret, the...
Insertion of Sensitive Information into Externally-Accessible File or Directory
Overview nautobot-ssot is a Nautobot Single Source of Truth Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory by placing the Service Now public instance name e.g. companyname.service-now.com in a generic django view...