Lucene search
HistoryNov 22, 2022 - 9:15 p.m.
CVE-2022-39397
aliyun-oss-client
secret disclosure
patched issue
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
19.5%
aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.
Affected configurations
Node
aliyun-oss-client_projectaliyun-oss-clientRange<0.8.1
Related
osv
osv
`aliyun-oss-client` secret exposure
2022-11-19 12:00:00
Leak in Aliyun KeySecret
2022-11-21 20:39:05
CVE-2022-39397
2022-11-22 21:15:10
cve
cve
CVE-2022-39397
2022-11-22 21:15:10
cvelist
cvelist
CVE-2022-39397 Exposure of sensitive information in aliyun-oss-client
2022-11-22 00:00:00
prion
prion
Code injection
2022-11-22 21:15:00
github
github
Leak in Aliyun KeySecret
2022-11-21 20:39:05
rustsec
rustsec
`aliyun-oss-client` secret exposure
2022-11-19 12:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
19.5%
Related for NVD:CVE-2022-39397