Generation of Error Message Containing Sensitive Information in nocodb/nocodb
CVE-2022-2062

9.1CRITICAL

Key Information:

Vendor: Nocodb
Status: Nocodb/nocodb
Vendor: CVE Published:; 13 June 2022

What is CVE-2022-2062?

Generation of Error Message Containing Sensitive Information in GitHub repository nocodb/nocodb prior to 0.91.7+.

Affected Version(s)

nocodb/nocodb < 0.91.7+

References

https://huntr.dev/bounties/35593b4c-f127-4699-8ad3-f0b220...

https://github.com/nocodb/nocodb/commit/a18f5dd53811b9ec1...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jun 13, 2022
Vulnerability Reserved
Jun 13, 2022

.