Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11. https://huntr.dev/bounties/4ed99dab-5319-4b6b-919a-84a9acd0061a https://github.com/snipe/snipe-it/commit/178e44095141ab805c282f563fb088df1a10b2e2
Created python-snipeit tracking bugs for this issue: Affects: epel-all [bug 2055562] Affects: fedora-all [bug 2055563]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.
What does 5.3.11 mean? There's no upstream release available for python-snipeit with that specific version.
(In reply to Raphael Groner from comment #3) > What does 5.3.11 mean? There's no upstream release available for > python-snipeit with that specific version. Ah no. There's definitely new upstream version available. Sorry for confusion.