Количество 2
Количество 2
CVE-2016-10530
The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending. This goes against common best practice, which is to use HTTPS.
GHSA-856x-cp3q-47vg
Insecure Default Configuration in airbrake
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-10530 The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending. This goes against common best practice, which is to use HTTPS. | CVSS3: 5.9 | 0% Низкий | больше 7 лет назад |
| GHSA-856x-cp3q-47vg Insecure Default Configuration in airbrake | 0% Низкий | почти 7 лет назад |
Уязвимостей на страницу