Vulnerabilities
Verbose error leaks stack trace
lowopenDescription
Unhandled errors return full stack traces to the client, disclosing internal paths and library versions.
Affected code
services/api/errors.gohttp.Error(w, err.Error(), 500) // leaks internals
Details
- Severity
- low
- CVSS
- 3.1
- CVE
- —
- CWE
- CWE-209
- File
- services/api/errors.go
- Status
- open
Remediation
No remediation generated yet. The engineer agent proposes a patch when this finding is triaged.