CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-38712

OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor's recommended solution is to block the access via an NGINX configuration file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/helloxz/onenav/issues/25
https://github.com/helloxz/onenav/issues/25

Products affected by CVE-2021-38712

Onenav » Onenav » Version: 0.9.12

cpe:2.3:a:onenav:onenav:0.9.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-38712

Products

Pricing

Contact Us