Lucene search

CVE-2023-45825

🗓️ 19 Oct 2023 19:16:15Reported by GoogleType

osv🔗 osv.dev👁 8 Views

ydb-go-sdk v3.48.6 to v3.53.2 logs custom credentials, leading to sensitive information exposur

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
veracode	Credential Disclosure Through Logs	23 Oct 202304:10	–	veracode
cvelist	CVE-2023-45825 Token in custom credentials object can leak through logs in ydb-go-sdk	19 Oct 202318:22	–	cvelist
nvd	CVE-2023-45825	19 Oct 202319:15	–	nvd
github	ydb-go-sdk token in custom credentials object can leak through logs	19 Oct 202317:10	–	github
vulnrichment	CVE-2023-45825 Token in custom credentials object can leak through logs in ydb-go-sdk	19 Oct 202318:22	–	vulnrichment
cve	CVE-2023-45825	19 Oct 202319:15	–	cve
osv	GO-2023-2137 Credentials leak in github.com/ydb-platform/ydb-go-sdk/v3	24 Oct 202320:27	–	osv
osv	GHSA-Q24M-6H38-5XJ8 ydb-go-sdk token in custom credentials object can leak through logs	19 Oct 202317:10	–	osv
prion	Design/Logic Flaw	19 Oct 202319:15	–	prion

Source	Link
github	www.github.com/ydb-platform/ydb-go-sdk/security/advisories/GHSA-q24m-6h38-5xj8
github	www.github.com/ydb-platform/ydb-go-sdk/pull/859
github	www.github.com/ydb-platform/ydb-go-sdk/blob/master/credentials/credentials.go
github	www.github.com/ydb-platform/ydb-go-sdk/blob/v3.48.6/internal/balancer/balancer.go

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Oct 2023 19:15Current

6.4Medium risk

Vulners AI Score6.4

CVSS35.5

EPSS0.00175

SSVC