5 matches found
CVE-2022-31140
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
CVE-2022-31140
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
CVE-2022-31140
Valinor (PHP) prior to version 0.12.0 exposes sensitive error data by allowing Throwable#getMessage() to be accessed. This can reveal SQL snippets, database credentials (IP, username/password), and other details in exception messages, enabling information disclosure, potential data exfiltration, ...
CVE-2022-31140 Valinor error messages leading to potential data exfiltration
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
CVE-2022-31140 Valinor error messages leading to potential data exfiltration
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...