CVE Vulnerabilities

CVE-2024-36589

Cleartext Storage of Sensitive Information

Published: Jun 13, 2024 | Modified: Nov 25, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An issue in Annonshop.app DecentralizeJustice/anonymousLocker commit 2b2b4 to ba9fd and DecentralizeJustice/anonBackend commit 57837 to cd815 was discovered to store credentials in plaintext.

Weakness

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Potential Mitigations

References