2 results (0.003 seconds)

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers. El endpoint de salud es público, por lo que todos pueden ver una lista de todos los servicios. Es información potencialmente valiosa para los atacantes. • https://github.com/zowe/api-layer • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI. • https://github.com/zowe/imperative •