CWE-531

Inclusion of Sensitive Information in Test Code

2 CVEs Avg CVSS 5.3 MITRE
0
CRITICAL
0
HIGH
2
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2024-42213 MEDIUM This Month

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bigfix Compliance
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-43717 MEDIUM PATCH This Month

In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

PHP XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-42213
EPSS 0% CVSS 5.3
MEDIUM This Month

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bigfix Compliance
NVD
CVE-2025-43717
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

PHP XSS
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy