Skip to main content

Rhodecode Enterprise

2 CVEs product

Monthly

CVE-2015-1613 PyPI MEDIUM PATCH This Month

RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Rhodecode Enterprise
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2015-0260 PyPI MEDIUM POC PATCH This Month

RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Kallithea Rhodecode Enterprise
NVD
CVSS 2.0
4.0
EPSS
0.3%
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Rhodecode Enterprise
NVD
EPSS 0% CVSS 4.0
MEDIUM POC PATCH This Month

RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Kallithea Rhodecode Enterprise
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy