PT-2019-10444 · Home Assistant · Home Assistant

Matt Hamilton

Publicado

2019-09-23

Atualizado

2022-05-24

CVE-2018-21019

CVSS v4.0

8.7

Alta

Vetor

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 0.67.0

Description The issue allows an unauthenticated attacker to read the application's error log via the components/api.py component.

Recommendations For versions prior to 0.67.0, update to version 0.67.0 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2018-21019

GHSA-MH78-8F49-VJG3

PYSEC-2019-221

Home Assistant