Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 9:34 p.m.7 views

CVE-2021-43840

messagebus is a messaging bus for Ruby processes and web clients. In versions prior to 3.3.7 users who deployed message bus with diagnostics features enabled default off are vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine if an unintended user...

6.5CVSS6.6AI score0.01869EPSS
Exploits0
osv
osv
added 2021/12/17 7:15 p.m.21 views

CVE-2021-43840

messagebus is a messaging bus for Ruby processes and web clients. In versions prior to 3.3.7 users who deployed message bus with diagnostics features enabled default off are vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine if an unintended user...

6.5CVSS6.5AI score
Exploits0References2
cve
cve
added 2021/12/17 6:15 p.m.92 views

CVE-2021-43840

The CVE concerns the message_bus Ruby gem. If deployed before version 3.3.7 with diagnostics enabled, a path traversal flaw in the diagnostic route could disclose secret information; impact increases without a proxy, while proxies (e.g., Nginx with merge_slashes) can limit exposure to about 3 dir...

6.5CVSS5.5AI score0.01869EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2021/12/17 6:15 p.m.29 views

CVE-2021-43840 Path traversal in message_bus

messagebus is a messaging bus for Ruby processes and web clients. In versions prior to 3.3.7 users who deployed message bus with diagnostics features enabled default off are vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine if an unintended user...

4.4CVSS6.7AI score0.01869EPSS
Exploits0References2
Rows per page
Query Builder