CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its
log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials
HTTP basic authentication credentials
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | python3-pansi | < 2020.7.3-1 | UNKNOWN |