4 matches found
Sensitive Information Disclosure
Directus is vulnerable to an Sensitive Information Disclosure. The vulnerability is due to insecure handling of version information, as the exact version number is included in compiled JS bundles that are accessible without authentication. This exposes potential information that a malicious...
GHSA-5MHG-WV8W-P59J Directus version number disclosure
Impact Currently the exact Directus version number is being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific...
Directus version number disclosure
Impact Currently the exact Directus version number is being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific...
CVE-2024-27296 Directus version number disclosure
Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...