Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40198
HistoryApr 20, 2023 - 4:16 a.m.

Token Disclosure

2023-04-2004:16:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
security
vulnerability
token disclosure
nuxtlabs
github module
hard-coded credentials
config file
attacker
sensitive information

0.003 Low

EPSS

Percentile

67.8%

JSON

@nuxtlabs/github-module is vulnerable to Token Disclosure. The vulnerability exists in the module.ts because it uses hard-coded credentials in the config file, which allows an attacker to gain sensitive information through the token in the public runtime config.

Related

cve 1
cvelist 1
huntr 1
osv 2
prion 1
nvd 1
github 1
cve
cve
CVE-2023-2138
2023-04-18 01:15:07
cvelist
cvelist
CVE-2023-2138 Use of Hard-coded Credentials in nuxtlabs/github-module
2023-04-18 00:00:00
huntr
huntr
Github token with wide access to Nuxt related repositories leaked in the wild
2023-04-10 13:11:58
osv
osv
@nuxtlabs/github-module made Use of Hard-coded Credentials
2023-04-18 03:30:42
CVE-2023-2138
2023-04-18 01:15:07
prion
prion
Hardcoded credentials
2023-04-18 01:15:00
nvd
nvd
CVE-2023-2138
2023-04-18 01:15:07
github
github
@nuxtlabs/github-module made Use of Hard-coded Credentials
2023-04-18 03:30:42

0.003 Low

EPSS

Percentile

67.8%

JSON
Related for VERACODE:40198
cve1cvelist1huntr1osv2prion1nvd1github1