4 matches found
CVE-2024-2725
Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access /vendor/composer/installed.json and retrieve all installed packages used by the application...
CVE-2024-2725 Exposure of Sensitive Information vulnerability in the CIGESv2 system
Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access /vendor/composer/installed.json and retrieve all installed packages used by the application...
CVE-2024-2725 Exposure of Sensitive Information vulnerability in the CIGESv2 system
Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access /vendor/composer/installed.json and retrieve all installed packages used by the application...
CVE-2024-2725
CVE-2024-2725 affects the CIGESv2 system and describes an information-exposure vulnerability where a remote attacker can access the /vendor/composer/installed.json endpoint to enumerate all installed packages used by the application. Documented impact is information disclosure with CVSS v3.1 base...