Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVEProject Security Vulnerabilities

cve
cve

CVE-2022-31004

CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in 'data.js' has potential for production secrets to be written to disk. The affected method writes the generated randomKey to disk if the environment is not development. If this method were...

7.5CVSS

7.6AI Score

0.002EPSS

2022-06-02 02:15 PM
566
2
cve
cve

CVE-2022-24875

The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the org.conroller.js code would erroneously log user secrets. This has been resolved in commit 46d98f2b and should be available in subsequent versions of the software......

7.5CVSS

7.6AI Score

0.001EPSS

2022-04-21 06:15 PM
624