Headline
GHSA-3w3h-7xgx-grwc: Leakage Aliyun KeySecret
Impact
Users of this library will be affected when using this library, the incoming secret will be disclosed unintentionally
Patches
This have already been solved.
Workarounds
No, It cannot be patched without upgrading
References
No
For more information
If you have any questions or comments about this advisory:
- Email us at email address
Package
cargo aliyun-oss-client (Rust)
Affected versions
< 0.8.1
Description
Impact
Users of this library will be affected when using this library, the incoming secret will be disclosed unintentionally
Patches
This have already been solved.
Workarounds
No, It cannot be patched without upgrading
References
No
For more information
If you have any questions or comments about this advisory:
- Email us at email address
References
- GHSA-3w3h-7xgx-grwc
- tu6ge/oss-rs@e4553f7
Severity
CVSS base metrics
User interaction
Required
CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N
Weaknesses
GHSA ID
GHSA-3w3h-7xgx-grwc
Source code
Related news
aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.