Lucene search
GitHub_MCVELIST:CVE-2022-39397HistoryNov 22, 2022 - 12:00 a.m.
CVE-2022-39397 Exposure of sensitive information in aliyun-oss-client
2022-11-2200:00:00
CWE-200
GitHub_M
www.cve.org
4
cve-2022-39397
alibaba cloud oss
sensitive information
CVSS3
5.6
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N
EPSS
0.001
Percentile
19.4%
aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.
CNA Affected
[
{
"vendor": "tu6ge",
"product": "oss-rs",
"versions": [
{
"version": "< 0.8.1",
"status": "affected"
}
]
}
]Related
osv
osv
CVE-2022-39397
2022-11-22 21:15:10
Leak in Aliyun KeySecret
2022-11-21 20:39:05
`aliyun-oss-client` secret exposure
2022-11-19 12:00:00
github
github
Leak in Aliyun KeySecret
2022-11-21 20:39:05
rustsec
rustsec
`aliyun-oss-client` secret exposure
2022-11-19 12:00:00
nvd
nvd
CVE-2022-39397
2022-11-22 21:15:10
prion
prion
Code injection
2022-11-22 21:15:00
cve
cve
CVE-2022-39397
2022-11-22 21:15:10
CVSS3
5.6
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N
EPSS
0.001
Percentile
19.4%
Related for CVELIST:CVE-2022-39397