Valinor is vulnerable to Information Disclosure. Valinor has access to Throwable#getMessage()
, which can disclose sensitive information such as database passwords or system memory details.
github.com/CuyZ/Valinor/commit/316d91910d289780a7b791f17b958eae264a6296
github.com/CuyZ/Valinor/commit/63c87a2cc4c28546f28d51998a93fe89f0885535
github.com/CuyZ/Valinor/commit/6ce1a439adb1f6ee7e771fe02d454aa91e7b320f
github.com/CuyZ/Valinor/commit/7c9ac1dd6d518e5e5f0fc02ee172b12084082d1d
github.com/CuyZ/Valinor/commit/d3b1dcb64ec561cdedffe5ca779341fc9452a858
github.com/CuyZ/Valinor/releases/tag/0.12.0
github.com/CuyZ/Valinor/security/advisories/GHSA-5pgm-3j3g-2rc7