Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-06 | CVE-2021-39023 | Information Exposure Through an Error Message vulnerability in IBM Guardium Data Encryption IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2022-05-04 | CVE-2021-43206 | Information Exposure Through an Error Message vulnerability in Fortinet Fortios and Fortiproxy A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages. | 4.3 |
| 2022-04-20 | CVE-2022-29266 | Information Exposure Through an Error Message vulnerability in Apache Apisix In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive information. | 7.5 |
| 2022-04-19 | CVE-2021-39033 | Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 6.5 |
| 2022-04-04 | CVE-2022-1120 | Information Exposure Through an Error Message vulnerability in Gitlab Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration. | 6.5 |
| 2022-04-01 | CVE-2021-32937 | Information Exposure Through an Error Message vulnerability in Auvesy-Mdt Autosave and Autosave for System Platform An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used in MDT AutoSave versions prior to v6.02.06. | 7.5 |
| 2022-03-30 | CVE-2022-23794 | Information Exposure Through an Error Message vulnerability in Joomla Joomla! An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. | 5.3 |
| 2022-03-23 | CVE-2022-24731 | Information Exposure Through an Error Message vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.9 |
| 2022-03-10 | CVE-2021-35251 | Information Exposure Through an Error Message vulnerability in Solarwinds web Help Desk Sensitive information could be displayed when a detailed technical error message is posted. | 5.3 |
| 2022-03-04 | CVE-2021-46353 | Information Exposure Through an Error Message vulnerability in Dlink Dir-X1860 Firmware 1.03 An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application. | 5.3 |