Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-mxmf-v24g-56jq

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE
View on GitHub

Advisory Details

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things about the target application which may help in further investigation and exploitation.

Related CVEs

CVE-2024-12564

Key Information

GHSA ID
GHSA-mxmf-v24g-56jq
Published
December 12, 2024 9:31 AM
Last Modified
December 12, 2024 9:31 AM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: September 9, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.