Description
The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
CVE vulnerabilities with CWE-204 (161)
9.3
CVSS
CRITICAL
CVE-2018-25350
pub. 2026-05-23
9.1
CVSS
CRITICAL
CVE-2026-33419
pub. 2026-03-24
8.8
CVSS
HIGH
CVE-2025-5485
pub. 2025-06-12
7.5
CVSS
HIGH
CVE-2025-46390
pub. 2025-08-06
7.5
CVSS
HIGH
CVE-2025-3092
pub. 2025-06-24
7.5
CVSS
HIGH
CVE-2021-20049
pub. 2021-12-23
7.5
CVSS
HIGH
CVE-2021-34580
pub. 2021-10-27
7.2
CVSS
HIGH
CVE-2026-4113
pub. 2026-04-09
7.1
CVSS
HIGH
CVE-2025-61907
pub. 2025-10-16
6.9
CVSS
MEDIUM
CVE-2026-53908
pub. 2026-07-01
6.9
CVSS
MEDIUM
CVE-2026-54445
pub. 2026-06-17
6.9
CVSS
MEDIUM
CVE-2025-69243
pub. 2026-03-16
6.9
CVSS
MEDIUM
CVE-2019-25338
pub. 2026-02-12
6.9
CVSS
MEDIUM
CVE-2025-67874
pub. 2025-12-16
6.9
CVSS
MEDIUM
CVE-2021-47717
pub. 2025-12-09
6.9
CVSS
MEDIUM
CVE-2025-40806
pub. 2025-12-09
6.9
CVSS
MEDIUM
CVE-2025-59116
pub. 2025-11-18
6.9
CVSS
MEDIUM
CVE-2025-34155
pub. 2025-10-23
6.9
CVSS
MEDIUM
CVE-2025-62236
pub. 2025-10-23
6.9
CVSS
MEDIUM
CVE-2025-34254
pub. 2025-10-16
Showing 20 of 161 vulnerabilities