Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:24 p.m.6 views

CVE-2022-39397

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1...

5.6CVSS6.8AI score0.00421EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/11 11:19 p.m.7 views

Malicious code in upload-aliyun-oss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b137056ce2896ba2e4b0b632262308afc40672c5a46bff9c2cb50a7b3a81a386 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/03/11 11:19 p.m.5 views

MAL-2025-2283 Malicious code in upload-aliyun-oss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b137056ce2896ba2e4b0b632262308afc40672c5a46bff9c2cb50a7b3a81a386 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.11 views

PT-2024-23420 · Alibaba · Oss Aliyun

Name of the Vulnerable Software and Affected Versions: OSS Aliyun versions 1.4.10 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting maliciou...

7.6CVSS9.8AI score0.00515EPSS
Exploits0References4
NVD
NVD
added 2022/11/22 9:15 p.m.27 views

CVE-2022-39397

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1...

5.6CVSS0.00421EPSS
Exploits0References2
Prion
Prion
added 2022/11/22 9:15 p.m.19 views

Code injection

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1...

4CVSS4.6AI score0.00421EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.6 views

CVE-2022-39397 Exposure of sensitive information in aliyun-oss-client

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1...

5.6CVSS5.5AI score0.00421EPSS
Exploits0References2
RustSec
RustSec
added 2022/11/19 12:0 p.m.39 views

`aliyun-oss-client` secret exposure

The aliyun-oss-client unintentionally divulges the authentication secret. This bug was fixed in this commit by limiting the concerned traits to be pub only within the crate...

5.6CVSS1.4AI score0.00421EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2017/08/15 12:0 a.m.1 views

Hobo AliCloud OSS credentials suffer from information leakage vulnerability

Lotus app is an investment and financial management software. There is an information leakage vulnerability in the Lotus Aliyun OSS credentials. The vulnerability is caused by credential leakage due to the use of SDK with accessKeyId and accessKeySecret built into the mobile app. An attacker can...

6.9AI score
Exploits0
Rows per page
Query Builder