| Vulnerable Component Details | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Type | Namespace | Name | Version | Package URL | |||||||||||||||||||
| npm | @ngx-prism | core | 2.0.1 | pkg:npm/%40ngx-prism/core@2.0.1?package-id=3d7750411bcf4fdf | |||||||||||||||||||
| Vulnerability Details | |||||||||||||||||||||||
| ID | CVE-2020-15235 | ||||||||||||||||||||||
| Description | In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden to everyone except admins. All versions after commit f3dc89b9f6ab1544a289b3efc06699b13d63e0bd(3/10/20) are patched. | ||||||||||||||||||||||
| Ratings |
|
||||||||||||||||||||||
| Found By | Anchore Grype | ||||||||||||||||||||||
| References / Advisories | |||||||||||||||||||||||