4 matches found
Code injection
The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the org.conroller.js code would erroneously log user secrets. This has been resolved in commit 46d98f2b and should be available in subsequent versions of the software...
CVE-2022-24875 Potential Secrets being logged to disk in CVEProject/cve-services
The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the org.conroller.js code would erroneously log user secrets. This has been resolved in commit 46d98f2b and should be available in subsequent versions of the software...
CVE-2022-24875 Potential Secrets being logged to disk in CVEProject/cve-services
The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the org.conroller.js code would erroneously log user secrets. This has been resolved in commit 46d98f2b and should be available in subsequent versions of the software...
cve-services 日志信息泄露漏洞
cve-services is an open source project. It is used to operate the CVE Services API. A security vulnerability exists in cve-services version 1.1.1 and earlier versions, which stems from org.conroller.js code that incorrectly logs user secrets...