PyPI: veronica-core
SFTY-20260310-61984
Safety legacy ID: pyup.io-88834
Affected versions of this package are vulnerable to Information Disclosure. Multiple components (`retry`, `governor`, `execution_context`, `key_providers`, `verifier`) include full exception messages in error responses and logs, potentially exposing internal URLs, credentials, or stack details. An attacker can exploit this vulnerability by triggering errors to obtain sensitive information about the application's internal configuration and infrastructure.
Overview
Affected versions of this package are vulnerable to Information Disclosure. Multiple components (`retry`, `governor`, `execution_context`, `key_providers`, `verifier`) include full exception messages in error responses and logs, potentially exposing internal URLs, credentials, or stack details. An attacker can exploit this vulnerability by triggering errors to obtain sensitive information about the application's internal configuration and infrastructure.
Advisory
Affected versions of this package are vulnerable to Information Disclosure. Multiple components (`retry`, `governor`, `execution_context`, `key_providers`, `verifier`) include full exception messages in error responses and logs, potentially exposing internal URLs, credentials, or stack details. An attacker can exploit this vulnerability by triggering errors to obtain sensitive information about the application's internal configuration and infrastructure.
How to Fix
Mitigation and Workarounds
---
Vulnerable Functions
Functions linked to known vulnerabilities.
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
Learn more