Lucene search
PRIOn knowledge basePRION:CVE-2024-23840HistoryJan 30, 2024 - 5:15 p.m.
Code injection
2024-01-3017:15:00
PRIOn knowledge base
www.prio-n.com
5
goreleaser
code injection
vulnerability
fixed version 1.24.0
nvd
secret values
GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. goreleaser release --debug log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0.
| CPE | Name | Operator | Version |
|---|---|---|---|
| goreleaser | eq | 1.23.0 |
Related
redhatcve
redhatcve
CVE-2024-23840
2024-01-30 22:53:27
veracode
veracode
Sensitive Information Into Log File
2024-01-31 06:31:42
osv
osv
Information leak in github.com/goreleaser/goreleaser
2024-02-13 18:22:44
`goreleaser release --debug` shows secrets
2024-01-30 20:57:52
CVE-2024-23840
2024-01-30 17:15:11
cvelist
cvelist
CVE-2024-23840 `goreleaser release --debug` shows secrets
2024-01-30 16:39:09
wolfi
wolfi
CVE-2024-23840 vulnerabilities
2024-06-28 15:21:31
cgr
cgr
CVE-2024-23840 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2024-23840
2024-01-30 17:15:11
cve
cve
CVE-2024-23840
2024-01-30 17:15:11
github
github
`goreleaser release --debug` shows secrets
2024-01-30 20:57:52