9 matches found

Veracode
added 2025/06/30 6:54 a.m. · 5 views

Sensitive Data Exposure

Infinispan CLI is vulnerable to sensitive data exposure. The vulnerability is due to processing a Base64-decoded Kubernetes secret password in plaintext and including it in a command string, which may expose the data in error messages when a command is not found, allowing attackers to exploit thi...

CVSS 5.5 · AI score 6.2 · EPSS 0.00137
Exploits: 0 · References: 5 · Affected Software: 1

Github Security Blog
added 2025/06/27 12:31 a.m. · 8 views

Infinispan CLI vulnerable to Generation of Error Message Containing Sensitive Information

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVSS 5.5 · AI score 7 · EPSS 0.00137
Exploits: 0 · References: 5 · Affected Software: 1

NVD
added 2025/06/26 10:15 p.m. · 7 views

CVE-2025-5731

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVSS 5.5 · EPSS 0.00137
Exploits: 0 · References: 3

Cvelist
added 2025/06/26 9:28 p.m. · 8 views

CVE-2025-5731 Infinispan: credential leakage in infinispan cli

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVSS 5.5 · EPSS 0.00137
Exploits: 0 · References: 3

Vulnrichment
added 2025/06/26 9:28 p.m. · 2 views

CVE-2025-5731 Infinispan: credential leakage in infinispan cli

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVSS 5.5 · AI score 7 · EPSS 0.00137
Exploits: 0 · References: 3

CVE
added 2025/06/26 9:28 p.m. · 38 views

CVE-2025-5731

Summary: CVE-2025-5731 affects the Infinispan CLI, where a credential decoded from a Kubernetes secret is handled in plaintext and can appear in a command string, potentially leaking data in an error message when a command is not found. Root cause: insecure processing/embedding of the decoded sec...

CVSS 5.5 · AI score 7 · EPSS 0.00137
Exploits: 0 · References: 3 · Affected Software: 3

RedhatCVE
added 2025/06/26 9:28 p.m. · 5 views

CVE-2025-5731

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found. Mitigation Currently, no mitigation is available for this...

CVSS 6.2 · AI score 7 · EPSS 0.00137
Exploits: 0 · References: 3

Positive Technologies
added 2025/06/26 12:0 a.m. · 4 views

PT-2025-27013 · Unknown · Infinispan Cli

Name of the Vulnerable Software and Affected Versions: Infinispan CLI affected versions not specified Description: A flaw was found in Infinispan CLI where a sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext. This password is included in a command stri...

CVSS 6.2 · AI score 7 · EPSS 0.00137
Exploits: 0 · References: 9

vulnersOsv
added 2024/04/10 3:30 p.m. · 3 views

io.hawt:hawtio-wildfly (=2.17.7), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +133 more potentially affected by CVE-2023-6236 via org.wildfly.security:wildfly-elytron-http-oidc (>=1.15.7.Final <=2.2.4.Final)

org.wildfly.security:wildfly-elytron-http-oidc MAVEN version =1.15.7.Final, =0.1.0, =9.4.45.v20220203, =9.4.45.v20220203, =9.4.45.v20220203, =10.0.8, =12.0.1, =12.0.1, =12.0.1, =10.0.10, =13.0.0.CR1, =3.1.0.Final, =3.1.1.Alpha1 - org.jboss.resteasy.spring:galleon-feature-pack-layers-metadata-test...

CVSS 7.3 · AI score 7.2 · EPSS 0.00328
Exploits: 0