Lucene search
K

4 matches found

Veracode
Veracode
added 2026/05/04 10:52 a.m.12 views

Information Exposure

org.springframework.grpc, spring-grpc-core is vulnerable to information exposure through error messages. The vulnerability is due to returning raw server-side AuthenticationException messages in the gRPC status description, which allows an attacker to gather authentication failure details and...

5.3CVSS5.8AI score0.002EPSS
Exploits0References3Affected Software2
EUVD
EUVD
added 2026/04/28 2:54 p.m.6 views

EUVD-2026-26064

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

3.7CVSS5.3AI score0.002EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/04/28 12:0 a.m.8 views

Spring gRPC AuthenticationException message reflected to remote client

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks...

3.7CVSS5.9AI score0.002EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/10/03 7:15 p.m.3 views

ALPINE-CVE-2019-15162

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames...

5.3CVSS7.1AI score0.01783EPSS
Exploits0References1
Rows per page
Query Builder