CVEbaza.plCWE DictionaryCWE-535
Common Weakness Enumeration

CWE-535

Exposure of Information Through Shell Error Message

Category: VariantCVE: 2
Description

A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system.

CVE vulnerabilities with CWE-535 (2)
5.8
CVSS
MEDIUM
CVE-2023-1098

An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration.

pub. 2023-04-05
3.1
CVSS
LOW
CVE-2022-3375

An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the branch names when attacker has a fork of a project that was switched to private.

pub. 2023-04-05
Information
ID: CWE-535
Type: Variant
Vulnerabilities: 2
MITRE CWE ↗
← CWE Dictionary