GHSA-whph-446h-6m9v

Source

https://github.com/advisories/GHSA-whph-446h-6m9v

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-whph-446h-6m9v/GHSA-whph-446h-6m9v.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-whph-446h-6m9v

Aliases

CVE-2022-26907

Published

2022-04-16T00:00:28Z

Modified

2023-11-01T04:58:27.945407Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

Azure SDK for .NET Information Disclosure Vulnerability.

Details

Azure SDK for .NET Information Disclosure Vulnerability via undisclosed methods relating to lack of sanitization of exception messages.

Database specific

{
    "cwe_ids": [
        "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-07T21:30:44Z",
    "severity": "MODERATE",
    "nvd_published_at": "2022-04-15T19:15:00Z"
}

References

Affected packages

NuGet / Microsoft.Rest.ClientRuntime

Package

Name: Microsoft.Rest.ClientRuntime; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.Rest.ClientRuntime

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.24

Affected versions

0.*

0.9.4

0.9.5

0.9.6

1.*

1.0.0

1.0.1

1.0.2

1.0.3

1.1.0

1.1.1

1.2.0

1.3.0

1.4.0

1.4.1

1.5.0

1.6.0

1.8.0

1.8.1

1.8.2

1.9.0

2.*

2.0.0

2.0.1

2.1.0

2.2.0

2.3.0

2.3.1

2.3.2

2.3.3

2.3.4

2.3.5

2.3.6

2.3.7

2.3.8

2.3.9

2.3.10

2.3.11

2.3.12

2.3.13

2.3.14

2.3.15

2.3.16

2.3.17

2.3.18

2.3.19

2.3.20

2.3.21

2.3.22

2.3.23

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-whph-446h-6m9v/GHSA-whph-446h-6m9v.json"