Lucene search
Veracode Vulnerability DatabaseVERACODE:25164HistoryMay 04, 2020 - 9:21 a.m.
Information Disclosure
2020-05-0409:21:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
0.001 Low
EPSS
Percentile
51.1%
doorkeeper is susceptible to information disclosure. If it enables the Doorkeeper::Application attributes using the GET /oauth/authorized_applications.json, an authorized application user can access the model attribute values including secrets.
| CPE | Name | Operator | Version |
|---|---|---|---|
| doorkeeper | eq | 5.4.0.rc1 | |
| doorkeeper | le | 5.2.4 | |
| doorkeeper | le | 5.0.2 | |
| doorkeeper | le | 5.3.1 | |
| doorkeeper | le | 5.1.0 |
Related
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper
2020-05-07 21:11:07
CVE-2020-10187
2020-05-04 14:15:13
cvelist
cvelist
CVE-2020-10187
2020-05-04 13:19:04
cve
cve
CVE-2020-10187
2020-05-04 14:15:13
nvd
nvd
CVE-2020-10187
2020-05-04 14:15:13
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper
2020-05-07 21:11:07
debiancve
debiancve
CVE-2020-10187
2020-05-04 14:15:13
prion
prion
Information disclosure
2020-05-04 14:15:00
ubuntucve
ubuntucve
CVE-2020-10187
2020-05-04 00:00:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2020-04-30 00:00:00
nessus
nessus