Closed
Labels
All For One: Submissions to the All for One, One for All bounty
Reviewed by the Lab 🧪: GH Security Lab has rated the contribution
Description
CVE ID(s)
There's no CVE for this.
Report
I created a query to detect open (unauthenticated) Spring Boot actuators that can lead to sensitive information disclosure or even RCE.
The details are present in PR: github/codeql#2901
- Are you planning to discuss this vulnerability submission publicly? (Blog post, social networks, etc.) We would love to have you spread the word about the good work you are doing.