Search criteria
2 vulnerabilities found for roll_cms by erjemin
CVE-2024-8571 (GCVE-0-2024-8571)
Vulnerability from nvd – Published: 2024-09-08 07:31 – Updated: 2024-09-09 14:55
VLAI
Title
erjemin roll_cms views.py information exposure
Summary
A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file roll_cms/roll_cms/views.py. The manipulation leads to information exposure through error message. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity
CWE
- CWE-209 - Information Exposure Through Error Message
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.276801 | vdb-entry |
| https://vuldb.com/?ctiid.276801 | signaturepermissions-required |
| https://vuldb.com/?submit.400796 | third-party-advisory |
| https://github.com/erjemin/roll_cms/issues/1 | issue-tracking |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8571",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:51:43.747229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T14:55:49.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "roll_cms",
"vendor": "erjemin",
"versions": [
{
"status": "affected",
"version": "1484fe2c4e0805946a7bcf46218509fcb34883a9"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zihe (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file roll_cms/roll_cms/views.py. The manipulation leads to information exposure through error message. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in erjemin roll_cms bis 1484fe2c4e0805946a7bcf46218509fcb34883a9 ausgemacht. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei roll_cms/roll_cms/views.py. Durch Manipulieren mit unbekannten Daten kann eine information exposure through error message-Schwachstelle ausgenutzt werden. Dieses Produkt setzt Rolling Releases ein. Aus diesem Grund sind Details zu betroffenen oder zu aktualisierende Versionen nicht verf\u00fcgbar."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.7,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209 Information Exposure Through Error Message",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-08T07:31:04.205Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-276801 | erjemin roll_cms views.py information exposure",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.276801"
},
{
"name": "VDB-276801 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.276801"
},
{
"name": "Submit #400796 | erjemin roll_cms None Information Exposure Through Error Message",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.400796"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/erjemin/roll_cms/issues/1"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-09-07T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-09-07T08:45:35.000Z",
"value": "VulDB entry last update"
}
],
"title": "erjemin roll_cms views.py information exposure"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-8571",
"datePublished": "2024-09-08T07:31:04.205Z",
"dateReserved": "2024-09-07T06:39:42.641Z",
"dateUpdated": "2024-09-09T14:55:49.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8571 (GCVE-0-2024-8571)
Vulnerability from cvelistv5 – Published: 2024-09-08 07:31 – Updated: 2024-09-09 14:55
VLAI
Title
erjemin roll_cms views.py information exposure
Summary
A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file roll_cms/roll_cms/views.py. The manipulation leads to information exposure through error message. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity
CWE
- CWE-209 - Information Exposure Through Error Message
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.276801 | vdb-entry |
| https://vuldb.com/?ctiid.276801 | signaturepermissions-required |
| https://vuldb.com/?submit.400796 | third-party-advisory |
| https://github.com/erjemin/roll_cms/issues/1 | issue-tracking |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8571",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:51:43.747229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T14:55:49.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "roll_cms",
"vendor": "erjemin",
"versions": [
{
"status": "affected",
"version": "1484fe2c4e0805946a7bcf46218509fcb34883a9"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zihe (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file roll_cms/roll_cms/views.py. The manipulation leads to information exposure through error message. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in erjemin roll_cms bis 1484fe2c4e0805946a7bcf46218509fcb34883a9 ausgemacht. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei roll_cms/roll_cms/views.py. Durch Manipulieren mit unbekannten Daten kann eine information exposure through error message-Schwachstelle ausgenutzt werden. Dieses Produkt setzt Rolling Releases ein. Aus diesem Grund sind Details zu betroffenen oder zu aktualisierende Versionen nicht verf\u00fcgbar."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.7,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209 Information Exposure Through Error Message",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-08T07:31:04.205Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-276801 | erjemin roll_cms views.py information exposure",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.276801"
},
{
"name": "VDB-276801 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.276801"
},
{
"name": "Submit #400796 | erjemin roll_cms None Information Exposure Through Error Message",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.400796"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/erjemin/roll_cms/issues/1"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-09-07T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-09-07T08:45:35.000Z",
"value": "VulDB entry last update"
}
],
"title": "erjemin roll_cms views.py information exposure"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-8571",
"datePublished": "2024-09-08T07:31:04.205Z",
"dateReserved": "2024-09-07T06:39:42.641Z",
"dateUpdated": "2024-09-09T14:55:49.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}