579 matches found
Information disclosure
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202...
CVE-2022-35715
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202...
CVE-2022-35715
IBM InfoSphere Information Server 11.7 is affected by CVE-2022-35715, a remote-information-disclosure vulnerability caused by returning detailed technical error messages in stack traces. The IBM Security Bulletin confirms an Information Disclosure vulnerability with a CVSS v3 base score of 5.3 (v...
Design/Logic Flaw
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...
CVE-2022-31189
The CVE-2022-31189 issue affects the DSpace JSPUI component. When an internal system error occurs in the JSPUI, the application exposes the entire exception stack trace, which can disclose sensitive information. Affected product: DSpace JSPUI (UI for the repository app). Root cause: unsealed erro...
CVE-2022-31189 "Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitization
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...
CVE-2022-31189 "Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitization
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...
CVE-2022-31189 "Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitization
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...
PT-2022-20597 · Dspace · Dspace
Name of the Vulnerable Software and Affected Versions: DSpace versions prior to 6.4 Description: When an "Internal System Error" occurs in the JSPUI, the entire exception, including the stack trace, is available. Information in this stacktrace may be useful to an attacker in launching a more...
Uber: Golang expvar Information Disclosure
Package expvar provides a standardized interface to public variables, such as stack trace information and operation counters in servers...
IBM MQ 8.0 <= 8.0.0.16 / 9.0 < 9.0.0.13 / 9.1 < 9.1.0.11 LTS / 9.1 < 9.2.5 CD / 9.2 LTS (6587837)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 6587837 advisory. - IBM MQ IBM MQ for HPE NonStop 8.1.0 can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID:...
CVE-2022-31047 Insertion of Sensitive Information into Log File in typo3/cms-core
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys e.g. database credentials can be logged as plaintext in exception handlers, when logging the complete exception stack trace...
GHSA-P9P4-97G9-WCRH Dev error stack trace leaking into prod in Play Framework
Impact Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its DefaultHttpErrorHandler to do so based on the application mode. In its Scala API Play also provides a static object DefaultHttpErrorHandler...
Information Disclosure
play2.12 is vulnerable to information disclosure. The vulnerability exists due to the improper configuration use in DefaultHttpErrorHandler, allowing an attacker to gain access to sensitive information through the error message in stack trace by providing some invalid values...
Diavante vue-storefront-api and storefront-api disclose stack trace
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...
GHSA-9WXJ-37P8-49FF Diavante vue-storefront-api and storefront-api disclose stack trace
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...
Apache Atlas produces Stack trace in error response
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
CVE-2022-22325
IBM MQ IBM MQ for HPE NonStop 8.1.0 can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853...
Information disclosure
IBM MQ IBM MQ for HPE NonStop 8.1.0 can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853...
CVE-2022-22325
IBM MQ IBM MQ for HPE NonStop 8.1.0 can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853...