exploitDog

CVE-2023-42509

Опубликовано: 07 мар. 2024

Источник: nvd

CVSS3: 6.6

CVSS3: 7.5

EPSS Низкий

Описание

JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data.

Ссылки

https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
Vendor Advisory
https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*

Версия от 7.17.4 (включая) до 7.77.0 (исключая)

EPSS

Процентиль: 51%

0.00275

Низкий

6.6 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-755

Связанные уязвимости

GHSA-3ccw-6p8h-92ch

CVSS3: 6.6

github

почти 2 года назад

JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data.

EPSS

Процентиль: 51%

0.00275

Низкий

6.6 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-755