CWE-209
Generation of Error Message Containing Sensitive Information
Description
The product generates an error message that includes sensitive information about its environment, users, or associated data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-215 · CAPEC-463 · CAPEC-54 · CAPEC-7
CVEs mapped to this weakness (189)
page 5 of 10| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52641 | Low | 0.19 | 2.9 | 0.00 | Apr 15, 2026 | HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying environment, which could potentially aid in further targeted actions or limited… | ||
| CVE-2025-49128 | Med | 0.19 | 4.0 | 0.00 | Jun 6, 2025 | Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of… | ||
| CVE-2026-5511 | Low | 0.18 | 2.7 | 0.00 | May 19, 2026 | In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this… | ||
| CVE-2025-13596 | Low | 0.18 | — | 0.00 | Nov 24, 2025 | A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack… | ||
| CVE-2026-4633 | Low | 0.17 | 3.7 | 0.00 | Mar 23, 2026 | A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user… | ||
| CVE-2024-35232 | — | Low | 0.17 | 3.7 | 0.01 | May 24, 2024 | github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version 2.7.2. | |
| CVE-2025-55250 | Low | 0.12 | 1.8 | 0.00 | Jan 19, 2026 | HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks. | ||
| CVE-2021-22145 | 0.08 | — | 0.76 | Jul 21, 2021 | A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used… | |||
| CVE-2010-3332 | 0.08 | — | 0.67 | Sep 22, 2010 | Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View… | |||
| CVE-2009-0815 | 0.06 | — | 0.42 | Mar 5, 2009 | The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a… | |||
| CVE-2026-7860 | Low | 0.03 | — | 0.00 | May 19, 2026 | A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain… | ||
| CVE-2024-45440 | 0.03 | — | 0.09 | Aug 29, 2024 | core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. | |||
| CVE-2002-2009 | 0.01 | — | 0.07 | Dec 31, 2002 | Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. | |||
| CVE-2002-2008 | 0.01 | — | 0.07 | Dec 31, 2002 | Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message. | |||
| CVE-2026-55375 | — | 0.00 | — | — | Jun 19, 2026 | ## Summary In affected versions, the OAuth2 token request sends `app_id`, `app_secret`, `refresh_token` and `code` as URL query parameters of the POST request to `https://oauth./oauth/api/oauth2/token`. Request URLs are commonly recorded in access logs, proxy… | ||
| CVE-2026-45723 | low | 0.00 | — | 0.00 | Jun 5, 2026 | ## Summary `managementServer.CreateSchematic` (`internal/backend/grpc/schematics.go`) passes the caller-controlled `TalosVersion` field directly to `imageFactoryClient.OverlaysVersions`, which embeds it verbatim into a `fmt.Sprintf("/version/%s/overlays/official",… | ||
| CVE-2026-28786 | 0.00 | — | 0.00 | Mar 26, 2026 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a `FileNotFoundError` whose… | |||
| CVE-2026-33192 | 0.00 | — | 0.00 | Mar 20, 2026 | Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request (from UDR) into a 500 Internal Server Error when handling PATCH requests with an empty supi path… | |||
| CVE-2026-33065 | 0.00 | — | 0.00 | Mar 20, 2026 | Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request (from UDR) into a 500 Internal Server Error when handling DELETE requests with an empty supi… | |||
| CVE-2026-30835 | 0.00 | — | 0.00 | Mar 6, 2026 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.7 and 9.5.0-alpha.6, malformed $regex query parameter (e.g. [abc) causes the database to return a structured error object that is passed unsanitized… |
- risk 0.19cvss 2.9epss 0.00
HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying environment, which could potentially aid in further targeted actions or limited…
- risk 0.19cvss 4.0epss 0.00
Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of…
- risk 0.18cvss 2.7epss 0.00
In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this…
- risk 0.18cvss —epss 0.00
A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack…
- risk 0.17cvss 3.7epss 0.00
A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user…
- risk 0.17cvss 3.7epss 0.01
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version 2.7.2.
- risk 0.12cvss 1.8epss 0.00
HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure or aiding further attacks.
- CVE-2021-22145Jul 21, 2021risk 0.08cvss —epss 0.76
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used…
- CVE-2010-3332Sep 22, 2010risk 0.08cvss —epss 0.67
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View…
- CVE-2009-0815Mar 5, 2009risk 0.06cvss —epss 0.42
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a…
- risk 0.03cvss —epss 0.00
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain…
- CVE-2024-45440Aug 29, 2024risk 0.03cvss —epss 0.09
core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.
- CVE-2002-2009Dec 31, 2002risk 0.01cvss —epss 0.07
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
- CVE-2002-2008Dec 31, 2002risk 0.01cvss —epss 0.07
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
- CVE-2026-55375Jun 19, 2026risk 0.00cvss —epss —
## Summary In affected versions, the OAuth2 token request sends `app_id`, `app_secret`, `refresh_token` and `code` as URL query parameters of the POST request to `https://oauth./oauth/api/oauth2/token`. Request URLs are commonly recorded in access logs, proxy…
- risk 0.00cvss —epss 0.00
## Summary `managementServer.CreateSchematic` (`internal/backend/grpc/schematics.go`) passes the caller-controlled `TalosVersion` field directly to `imageFactoryClient.OverlaysVersions`, which embeds it verbatim into a `fmt.Sprintf("/version/%s/overlays/official",…
- CVE-2026-28786Mar 26, 2026risk 0.00cvss —epss 0.00
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a `FileNotFoundError` whose…
- CVE-2026-33192Mar 20, 2026risk 0.00cvss —epss 0.00
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request (from UDR) into a 500 Internal Server Error when handling PATCH requests with an empty supi path…
- CVE-2026-33065Mar 20, 2026risk 0.00cvss —epss 0.00
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request (from UDR) into a 500 Internal Server Error when handling DELETE requests with an empty supi…
- CVE-2026-30835Mar 6, 2026risk 0.00cvss —epss 0.00
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.7 and 9.5.0-alpha.6, malformed $regex query parameter (e.g. [abc) causes the database to return a structured error object that is passed unsanitized…