CVE-2024-1102

A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/1xxx/CVE-2024-1102.json",
    "cwe_ids": [
        "CWE-523"
    ],
    "cna_assigner": "redhat"
}

References

Affected packages

Git / github.com/jberet/jsr352

Affected ranges

Type

GIT

Repo

https://github.com/jberet/jsr352

Events

Introduced

Fixed

c87e850fab49a5afea04bc750b133c2b53b4f9a0

Database specific

{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:jberet:jberet:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "2.2.1"
        }
    ]
}

Affected versions

1.*

1.0.0.Alpha1

1.0.0.Alpha2

1.0.0.Alpha3

1.0.0.Alpha4

1.0.0.Beta1

1.0.0.Beta2

1.0.0.CR1

1.0.0.CR2

1.0.0.Final

1.0.1.Beta

1.0.1.CR1

1.0.1.CR2

1.0.1.Final

1.0.2.Final

1.1.0.Alpha1

1.1.0.Alpha2

1.1.0.Alpha3

1.1.0.Beta1

1.1.0.Final

1.2.0.Alpha1

1.2.0.Alpha2

1.2.0.Beta1

1.2.0.Final

1.3.0.Alpha1

1.3.0.Beta1

1.3.0.Beta2

1.3.0.Beta3

1.3.0.Beta4

1.3.0.Beta5

1.3.0.Beta6

1.3.0.Beta7

1.3.0.Final

1.4.0.Alpha

1.4.0.Final

1.4.1.Final

1.4.2.Final

1.4.3.Final

2.*

2.0.0.Final

2.0.1.Final

2.0.2.Final

2.0.3.Final

2.0.4.Final

2.0.5.Final

2.1.0.Beta1

2.1.0.Final

2.1.1.Final

2.1.2.Final

2.2.0.Final

Other

list

with-job-inheritance

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-1102.json"