HashiCorp go-retryablehttp Log Information Disclosure Vulnerability
go-retryablehttp is a retryable HTTP client in Go open-sourced by HashiCorp. A security vulnerability exists in Hashicorp go-retryablehttp versions prior to 0.7.7, which stems from failure to clean up a URL when writing it to a log file, resulting in sensitive HTTP basic authentication credential...