GHSA-mh78-8f49-vjg3
Suggest an improvement- Source
- https://github.com/advisories/GHSA-mh78-8f49-vjg3
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mh78-8f49-vjg3/GHSA-mh78-8f49-vjg3.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-mh78-8f49-vjg3
- Aliases
- Published
- 2022-05-24T16:56:39Z
- Modified
- 2024-09-20T21:55:22.827706Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Home Assistant information disclosure vulnerability
- Details
-
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py.
- Database specific
{ "github_reviewed_at": "2024-04-29T09:52:27Z", "nvd_published_at": "2019-09-23T16:15:00Z", "cwe_ids": [ "CWE-200" ], "severity": "HIGH", "github_reviewed": true }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2018-21019
- https://github.com/home-assistant/core/pull/13836
- https://github.com/home-assistant/home-assistant/pull/13836
- https://github.com/home-assistant/core/commit/598f093bf0fecdefaa3d95d1ddae71317a05321e
- https://github.com/home-assistant/core
- https://github.com/home-assistant/core/releases/tag/0.67.0
- https://github.com/home-assistant/home-assistant/releases/tag/0.67.0
- https://github.com/pypa/advisory-database/tree/main/vulns/homeassistant/PYSEC-2019-221.yaml
Affected packages
PyPI / homeassistant
Package
- Name
- homeassistant
- View open source insights on deps.dev
- Purl
- pkg:pypi/homeassistant
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.67.0
Affected versions
0.*
0.7.0rc1
0.7.0
0.7.0.1
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.8.0
0.9.0
0.9.1
0.10.0
0.10.1
0.11.0
0.11.1
0.12.0
0.13.0
0.13.1
0.14.0
0.14.1
0.14.2
0.15.0
0.16.0
0.16.1
0.17.0
0.17.1
0.17.2
0.17.3
0.18.0
0.18.2
0.19
0.19.1
0.19.2
0.19.3
0.19.4
0.20.0
0.20.1
0.20.2
0.20.3
0.21.0
0.21.1
0.21.2
0.22.0
0.22.1
0.23.0
0.23.1
0.24.0
0.24.1
0.25.0
0.25.1
0.25.2
0.26.0
0.26.1
0.26.2
0.26.3
0.27.0
0.27.1
0.27.2
0.28.0
0.28.1
0.28.2
0.29.0
0.29.1
0.29.2
0.29.3
0.29.4
0.29.5
0.29.6
0.29.7
0.30.0
0.30.1
0.30.2
0.31.0
0.31.1
0.32.0
0.32.1
0.32.2
0.32.3
0.32.4
0.33.0
0.33.1
0.33.2
0.33.3
0.33.4
0.34.0
0.34.1
0.34.2
0.34.3
0.34.4
0.34.5
0.35.0
0.35.1
0.35.2
0.35.3
0.36.0
0.36.1
0.37.0
0.37.1
0.38.0
0.38.1
0.38.2
0.38.3
0.38.4
0.39.0
0.39.1
0.39.2
0.39.3
0.40.0
0.40.1
0.40.2
0.41.0
0.42.0
0.42.1
0.42.2
0.42.3
0.42.4
0.43.0
0.43.1
0.43.2
0.44.0
0.44.1
0.45.0
0.45.1
0.46.0
0.46.1
0.47.0
0.47.1
0.48.0
0.48.1
0.49.0
0.49.1
0.50.1
0.50.2
0.51.0
0.51.1
0.51.2
0.52.0
0.52.1
0.53.0
0.53.1
0.54.0
0.55.0
0.55.1
0.56.0
0.56.1
0.56.2
0.57.0
0.57.1
0.57.2
0.57.3
0.58.0
0.58.1
0.59.0
0.59.1
0.59.2
0.60.0
0.60.1
0.61.0
0.61.1
0.62.0
0.62.1
0.63.0
0.63.1
0.63.2
0.63.3
0.64.0
0.64.1
0.64.2
0.64.3
0.64.4b0
0.65.0
0.65.1
0.65.2
0.65.3
0.65.4
0.65.5
0.65.6
0.66.0b0
0.66.0b1
0.66.0b2
0.66.0b3
0.66.0
0.66.1b0
0.66.1
0.67.0b0
0.67.0b1