CWE-209 (通过错误消息导致的信息暴露) — Vulnerability Class 293

293 vulnerabilities classified as CWE-209 (通过错误消息导致的信息暴露). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-28514	IBM MQ information disclosure — MQ	6.2	Medium	2023-05-19
CVE-2023-27860	IBM Maximo Asset Management information disclosure — Maximo Asset Management	5.3	Medium	2023-04-27
CVE-2023-29193	SpiceDB binding metrics port to untrusted networks and can leak command-line flags — spicedb	8.7	High	2023-04-14
CVE-2022-4770	Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information — Pentaho Business Analytics Server	4.3	Medium	2023-04-03
CVE-2022-4769	Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information — Pentaho Business Analytics Server	4.3	Medium	2023-04-03
CVE-2023-25687	IBM Security Key Lifecycle Manager information disclosure — Security Key Lifecycle Manager	4.3	Medium	2023-03-21
CVE-2023-25695	Information disclosure in Apache Airflow — Apache Airflow	5.3	-	2023-03-15
CVE-2023-27587	ReadtoMyShoe 安全漏洞 — readtomyshoe	7.4	High	2023-03-13
CVE-2023-26052	Saleor is vulnerable to unauthenticated information disclosure via Python exceptions — saleor	3.7	Low	2023-03-02
CVE-2023-26051	Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions — saleor	6.5	Medium	2023-03-02
CVE-2020-5026	IBM Financial Transaction Manager 安全漏洞 — Financial Transaction Manager	4.3	Medium	2023-03-01
CVE-2023-25956	Apache Airflow AWS Provider: Arbitrary file read via AWS provider — Apache Airflow AWS Provider	5.3	-	2023-02-24
CVE-2023-0655	SonicWall Email 安全漏洞 — SonicWall Email Security	5.3	-	2023-02-14
CVE-2022-46675	Dell Wyse Management Suite 安全漏洞 — Wyse Management Suite	5.3	Medium	2023-02-10
CVE-2015-10012	sumocoders FrameworkUserBundle login.html.twig information exposure — FrameworkUserBundle	3.5	Low	2023-01-03
CVE-2022-22449	IBM Security Verify Governance, Identity Manager information disclosure — Security Verify Governance, Identity Manager	5.3	Medium	2022-12-22
CVE-2022-39304	ghinstallation returns app JWT in error responses — ghinstallation	5.0	Medium	2022-12-20
CVE-2022-34881	Information Exposure Vulnerability in JP1/Automatic Operation — JP1/Automatic Operation	3.3	Low	2022-12-06
CVE-2022-40292	Unauthenticated username enumeration in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC. — PHP Point of Sale	5.3	-	2022-10-31
CVE-2022-38107	Sensitive Data Disclosure Vulnerability — SQL Sentry	5.3	Medium	2022-10-19
CVE-2021-27774	An injection vulnerability affects HCL Digital Experience — HCL Digital Experience	3.1	Low	2022-09-22
CVE-2022-34882	Information Exposure Vulnerability in RAID Manager Storage Replication Adapter — RAID Manager Storage Replication Adapter	9.0	Critical	2022-09-06
CVE-2022-33930	Dell Wyse Management Suite 安全漏洞 — Wyse Management Suite	4.3	Medium	2022-08-10
CVE-2022-31189	"Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitization — DSpace	5.3	Medium	2022-08-01
CVE-2022-31140	Valinor error messages leading to potential data exfiltration — Valinor	7.5	High	2022-07-11
CVE-2022-31124	Possible leak of key's raw field if declared length is incorrect in openssh_key_parser — openssh_key_parser	7.7	High	2022-07-06
CVE-2022-31229	Dell PowerScale OneFS 安全漏洞 — PowerScale OneFS	9.6	Critical	2022-06-28
CVE-2022-2062	Generation of Error Message Containing Sensitive Information in nocodb/nocodb — nocodb/nocodb	7.5	-	2022-06-13
CVE-2022-31023	Dev error stack trace leaking into prod in Play Framework — playframework	5.9	Medium	2022-06-02
CVE-2022-29266	apisix/jwt-auth may leak secrets in error response — Apache APISIX	7.5	-	2022-04-20

Vulnerabilities classified as CWE-209 (通过错误消息导致的信息暴露) represent 293 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-209 (通过错误消息导致的信息暴露) — Vulnerability Class 293