CVE-2022-0622

Generation of Error Message Containing Sensitive Information in snipe/snipe-it

CVSS 5.3 MEDIUMEPSS 1.0%CWE-209

Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

snipe · snipe/snipe-it

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/snipe/snipe-it/commit/178e44095141ab805c282f563fb088df1a10b2e2 https://huntr.dev/bounties/4ed99dab-5319-4b6b-919a-84a9acd0061a