org.infinispan:infinispan-cli-client@9.2.4.Final vulnerabilities

latest version

16.0.0.Dev02

latest non vulnerable version

16.0.0.Dev02

first published

13 years ago

latest version published

10 days ago

licenses detected

Apache-2.0
[6.0.0.Alpha1,)

package registry

View on Maven Central Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.infinispan:infinispan-cli-client package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Information Exposure Affected versions of this package are vulnerable to Information Exposure via the `execute` function in the `CliRuntimeRunner.java` file, which is included in a command string and may be exposed in an error message if a command is not found. An attacker can obtain sensitive credential information by triggering error conditions that cause the command string to be displayed. How to fix Information Exposure? Upgrade `org.infinispan:infinispan-cli-client` to version 15.0.17.Final or higher.	[,15.0.17.Final)

Information Exposure

Affected versions of this package are vulnerable to Information Exposure via the execute function in the CliRuntimeRunner.java file, which is included in a command string and may be exposed in an error message if a command is not found. An attacker can obtain sensitive credential information by triggering error conditions that cause the command string to be displayed.

How to fix Information Exposure?

Upgrade org.infinispan:infinispan-cli-client to version 15.0.17.Final or higher.

[,15.0.17.Final)

Go back to all versions of this package