Lucene search
GoogleOSV:GHSA-PPM5-JV84-2XG2HistoryJun 25, 2024 - 5:26 p.m.
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-2517:26:56
Google
osv.dev
7
aimeos html client
sensitive information
error log
environment variables
laravel
multi-vendor setups
admin access
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
9.1%
Impact
Debug information can reveal sensitive information from environment variables in error log
Affected platform
Laravel environments with multi-vendor setups and admin access for the vendors
Related
cve
cve
CVE-2024-38516
2024-06-25 21:15:59
gitlab
gitlab
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 00:00:00
github
github
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 17:26:56
nvd
nvd
CVE-2024-38516
2024-06-25 21:15:59
veracode
veracode
Information Disclosure
2024-06-26 07:13:11
osv
osv
CVE-2024-38516
2024-06-25 21:15:59
cvelist
cvelist
vulnrichment
vulnrichment
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
9.1%
Related for OSV:GHSA-PPM5-JV84-2XG2