| Title | microsoft/JARVIS has a sensitive information disclosure vulnerability |
|---|
| Description | This vulnerability affects all versions of microsoft/JARVIS to date, and there is a sensitive information leakage vulnerability. This security vulnerability will expose configuration files, source code, and other information deployed in public networks, including users' Open AI Keys. As of now, through asset mapping detection, more than 1,100 personal users or commercial products have deployed microsoft/JARVIS assets exposed to the Internet, which may be at risk.
Already published at https://github.com/eggdkk/Security_Test/blob/main/README.md |
|---|
| Source | ⚠️ https://github.com/eggdkk/Security_Test/blob/main/README.md |
|---|
| User | dkkk (UID 44836) |
|---|
| Submission | 05/12/2023 16:52 (3 years ago) |
|---|
| Moderation | 05/27/2023 09:21 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 230080 [Microsoft Jarvis Configuration File information disclosure] |
|---|
| Points | 20 |
|---|