Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.10 views

CVE-2022-3474

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

5.1CVSS6.8AI score0.00213EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/03 12:0 a.m.14 views

CBL Mariner 2.0 Security Update: bazel (CVE-2022-3474)

The version of bazel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3474 advisory. - A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all...

5.1CVSS6.1AI score0.00213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.17 views

Photon OS 4.0: Bazel PHSA-2023-4.0-0396

An update of the bazel package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0396. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

5.1CVSS5.8AI score0.00213EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2022/11/16 2:27 a.m.32 views

CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1

CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1. An upgraded version of the package is available that resolves this issue...

5.1CVSS5.2AI score0.00213EPSS
Exploits0
CVE
CVE
added 2022/10/26 12:0 a.m.96 views

CVE-2022-3474

CVE-2022-3474 concerns a flaw in Bazel's remote assets API where bad credential handling causes all user-provided credentials to be sent instead of only the required ones. Affected are Bazel versions prior to 5.3.2 and 4.2.3. The consequence is credential exposure for requests using this API. The...

5.1CVSS4.5AI score0.00213EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/26 12:0 a.m.21 views

CVE-2022-3474 Bazel leaks user credentials through the remote assets API

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

5.1CVSS6AI score0.00213EPSS
Exploits0References1
Rows per page
Query Builder