Headline

GHSA-3w3h-7xgx-grwc: Leakage Aliyun KeySecret

Impact

Users of this library will be affected when using this library, the incoming secret will be disclosed unintentionally

Patches

This have already been solved.

Workarounds

No, It cannot be patched without upgrading

References

For more information

If you have any questions or comments about this advisory:

Email us at email address

2 years ago

ghsa

Open in Source

Package

cargo aliyun-oss-client (Rust)

Affected versions

< 0.8.1

Description

Impact

Users of this library will be affected when using this library, the incoming secret will be disclosed unintentionally

Patches

This have already been solved.

Workarounds

No, It cannot be patched without upgrading

References

For more information

If you have any questions or comments about this advisory:

Email us at email address

References

GHSA-3w3h-7xgx-grwc
tu6ge/oss-rs@e4553f7

Severity

CVSS base metrics

User interaction

Required

CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

Weaknesses

GHSA ID

GHSA-3w3h-7xgx-grwc

Source code

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.

2 years ago

CVE

Open in Source

#alibaba #auth #ssh

ghsa: Latest News

GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager

16 hours ago

ghsa

GHSA-rmxg-6qqf-x8mr: GeoNode Server Side Request forgery

17 hours ago

ghsa

GHSA-5cph-wvm9-45gj: Flowise OverrideConfig security vulnerability

17 hours ago

ghsa

GHSA-hj3w-wrh4-44vp: LLama Factory Remote OS Command Injection Vulnerability

17 hours ago

ghsa

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

1 day ago

ghsa

Headline

GHSA-3w3h-7xgx-grwc: Leakage Aliyun KeySecret

Impact

Patches

Workarounds

References

For more information

Related news

ghsa: Latest News