Lucene search
+L

11 matches found

OSV
OSV
added 2026/05/11 8:21 a.m.4 views

CVE-2026-43826 Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL

The OpenSearch logging provider, when configured with a host URL that embeds credentials for example https://user:[email protected]:9200, wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission could harvest the backend...

6.5CVSS6AI score0.0041EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-32485

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00247EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.8 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

5.5CVSS6.4AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2023/07/17 8:15 p.m.31 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

5.5CVSS0.00247EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/07/17 8:15 p.m.4 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

5.5CVSS5.9AI score0.00247EPSS
Exploits0References4
Prion
Prion
added 2023/07/17 8:15 p.m.15 views

Command injection

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

1.7CVSS5.3AI score0.00247EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/17 12:0 a.m.13 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

6.4AI score0.00247EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/07/17 12:0 a.m.60 views

CVE-2023-28864

Removed by vendor...

5.5CVSS5.5AI score0.00247EPSS
Exploits0
Cvelist
Cvelist
added 2023/07/17 12:0 a.m.40 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

5.5AI score0.00247EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/17 12:0 a.m.5 views

PT-2023-22015 · Progress · Progress Chef Infra Server

Name of the Vulnerable Software and Affected Versions: Progress Chef Infra Server versions prior to 15.7 Description: The issue allows a local attacker to access sensitive information by exploiting a world-readable temporary backup path at /var/opt/opscode/local-mode-cache/backup. This results in...

5.5CVSS5.3AI score0.00247EPSS
Exploits0References9
OSV
OSV
added 2023/07/17 12:0 a.m.27 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

5.5CVSS6.7AI score0.00247EPSS
Exploits0References5
Rows per page
Query Builder