Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2023/03/23 9:30 p.m.9 views

org.apache.camel.quarkus:camel-quarkus-hashicorp-vault (=3.0.0-M1), org.apache.camel.quarkus:camel-quarkus-hashicorp-vault-deployment (=3.0.0-M1) +11 more potentially affected by CVE-2023-20859 via org.springframework.vault:spring-vault-core (=3.0.0)

org.springframework.vault:spring-vault-core MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.vault:spring-vault-core and may be impacted: - org.apache.camel.quarkus:camel-quarkus-hashicorp-vault =3.0.0-M1 -...

5.5CVSS6.4AI score0.00223EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/23 9:30 p.m.7 views

com.bpfaas:bps-config-server-spring-cloud-starter (>=0.0.1-RELEASE <=3.2.2), com.github.paulcwarren:spring-content-encryption (>=2.7.0 <=2.9.0) +138 more potentially affected by CVE-2023-20859 via org.springframework.vault:spring-vault-core (>=1.0.0.RELEASE <=2.3.2)

org.springframework.vault:spring-vault-core MAVEN version =1.0.0.RELEASE, =0.0.1-RELEASE, =2.7.0, =0.8, =0.8, =0.8, =0.8, =2.4.0, =0.9.1, =0.9.12, =0.10.2, =1.1.6, =1.2.16 and more Source cves: CVE-2023-20859 Source advisory: OSV:GHSA-R47R-87P9-8JH3...

5.5CVSS6.4AI score0.00223EPSS
Exploits0
NVD
NVD
added 2023/03/23 9:15 p.m.41 views

CVE-2023-20859

In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token...

5.5CVSS6.2AI score0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/23 12:0 a.m.11 views

CVE-2023-20859

In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token...

5.3AI score0.00223EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 12:0 a.m.462 views

CVE-2023-20859

CVE-2023-20859 affects Spring Vault: 3.0.x prior to 3.0.2 and 2.3.x prior to 2.3.3 (and older versions). The issue allows insertion of sensitive information into log files when revoking a Vault batch token, potentially exposing confidential data on local systems. The NVD metrics show a Local, Low...

5.5CVSS5.1AI score0.00223EPSS
Exploits0References1Affected Software3
OSV
OSV
added 2023/03/23 12:0 a.m.28 views

CVE-2023-20859

In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token...

5.5CVSS5.8AI score0.00223EPSS
Exploits0References3
Rows per page
Query Builder