Lucene search
K

4 matches found

NVD
NVD
added 2026/03/10 6:18 p.m.7 views

CVE-2026-30928

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...

8.7CVSS0.01657EPSS
Exploits1References3
OSV
OSV
added 2026/03/10 6:18 p.m.6 views

DEBIAN-CVE-2026-30928

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...

7.5CVSS8.4AI score0.01657EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/03/10 4:15 p.m.4 views

CVE-2026-30928

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...

8.7CVSS5.8AI score0.01657EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/09 7:50 p.m.9 views

Glances Exposes Unauthenticated Configuration Secrets

Summary The /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all configured backend services including database passwords, API tokens, JWT...

8.7CVSS5.8AI score0.01657EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder