CVE-2019-5483
MEDIUMSeneca < 3.9.0 - Unauthorized Exposure of Environment Variables
Title source: llmDescription
Seneca < 3.9.0 contains a vulnerability that could lead to exposing environment variables to unauthorized users.
References (1)
Core 1
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://hackerone.com/reports/526258
Scores
CVSS v3
5.3
EPSS
0.0118
EPSS Percentile
63.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-209
Status
published
Products (2)
npm/seneca
0 - 3.9.0npm
senecajs/seneca
< 3.9.0
Published
Sep 09, 2019
Tracked Since
Feb 18, 2026