ByteOS Network

NVD Vulnerability Details :

CVE-2022-0504

Analyzed

Source-security@huntr.dev

Published At-08 Feb, 2022 | 09:15

Updated At-11 Feb, 2022 | 16:18

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary	3.0	6.5	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary	2.0	4.0	MEDIUM	AV:N/AC:L/Au:S/C:P/I:N/A:N

>>microweber>>Versions before 1.2.11(exclusive)

CWE ID	Type	Source
CWE-209	Primary	security@huntr.dev

Hyperlink	Source	Resource
https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250	security@huntr.dev	Patch Third Party Advisory
https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b	security@huntr.dev	Exploit Third Party Advisory