Vulnerability Database

Published: Dec 25, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-44381" target="_blank" rel="noopener"> CVE-2022-44381
GHSA: <a href="https://github.com/advisories/GHSA-qqv9-gqh5-7h99" target="_blank" rel="noopener"> GHSA-qqv9-gqh5-7h99
Severity: Medium
Exploit:

296,702

Total vulnerabilities in the database

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

CVSS v3:

CWEs:

Software	From	Fixed in
snipeitapp / snipe-it	-	6.0.14.x
snipe / snipe-it	-	6.0.14.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.