4 matches found
Exposure of Sensitive Information Through Metadata
Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata in the BrokerInfo component. An attacker can obtain sensitive metadata, including client...
CVE-2025-13084
The groov View API exposes a users endpoint that returns a list of all users with metadata including their API keys. Access requires an Editor role, but the endpoint reveals API keys for all users, including Administrators, creating potential exposure and confidentiality impact. The issue is docu...
Exposure of Sensitive Information Through Metadata
Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...
Linux Distros Unpatched Vulnerability : CVE-2018-20483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - setfilemetadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the...