CVE-2024-1102: Jberet: jberet-core logging database credentials
(updated )
A vulnerability was found in jberet-core logging. An exception in ‘dbProperties’ might display user credentials such as the username and password for the database-connection.
References
- access.redhat.com/errata/RHSA-2024:3580
- access.redhat.com/errata/RHSA-2024:3581
- access.redhat.com/errata/RHSA-2024:3583
- access.redhat.com/security/cve/CVE-2024-1102
- bugzilla.redhat.com/show_bug.cgi?id=2262060
- github.com/advisories/GHSA-9wmf-xf3h-r8pr
- github.com/jberet/jsr352
- github.com/jberet/jsr352/commit/eeef999663d7da0e372aeeeac26ecf7201a3121d
- github.com/jberet/jsr352/issues/452
- nvd.nist.gov/vuln/detail/CVE-2024-1102
Detect and mitigate CVE-2024-1102 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →