10 matches found
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...
CVE-2026-40173 Dgraph: Unauthenticated pprof endpoint leaks admin auth token
Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered on the default mux and reachable without authentication, exposing the full process command line...
CVE-2026-40173 Dgraph: Unauthenticated pprof endpoint leaks admin auth token
Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered on the default mux and reachable without authentication, exposing the full process command line...
CVE-2026-40173
Dgraph (Open Source GraphQL DB) versions
VulnCheck KEV: CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
SUSE CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...