Lucene search
Veracode Vulnerability DatabaseVERACODE:36345HistoryJul 13, 2022 - 3:35 p.m.
Information Disclosure
2022-07-1315:35:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
valinor
vulnerability
throwable#getmessage()
sensitive information
database
passwords
system memory.
EPSS
0.002
Percentile
58.5%
Valinor is vulnerable to Information Disclosure. Valinor has access to Throwable#getMessage(), which can disclose sensitive information such as database passwords or system memory details.
References
github.com/CuyZ/Valinor/commit/316d91910d289780a7b791f17b958eae264a6296
github.com/CuyZ/Valinor/commit/63c87a2cc4c28546f28d51998a93fe89f0885535
github.com/CuyZ/Valinor/commit/6ce1a439adb1f6ee7e771fe02d454aa91e7b320f
github.com/CuyZ/Valinor/commit/7c9ac1dd6d518e5e5f0fc02ee172b12084082d1d
github.com/CuyZ/Valinor/commit/d3b1dcb64ec561cdedffe5ca779341fc9452a858
github.com/CuyZ/Valinor/releases/tag/0.12.0
github.com/CuyZ/Valinor/security/advisories/GHSA-5pgm-3j3g-2rc7
Related
osv
osv
Valinor error messages leading to potential data exfiltration before v0.12.0
2022-07-12 22:15:29
CVE-2022-31140
2022-07-11 20:15:08
cvelist
cvelist
CVE-2022-31140 Valinor error messages leading to potential data exfiltration
2022-07-11 19:55:09
nvd
nvd
CVE-2022-31140
2022-07-11 20:15:08
github
github
Valinor error messages leading to potential data exfiltration before v0.12.0
2022-07-12 22:15:29
prion
prion
Design/Logic Flaw
2022-07-11 20:15:00
ubuntucve
ubuntucve
CVE-2022-31140
2022-07-11 00:00:00
cve
cve
CVE-2022-31140
2022-07-11 20:15:08