2 matches found
CVE-2022-39292
CVE-2022-39292 affects Slack Morphism, a Rust client library for Slack Web/Events API/Socket Mode and Block Kit. Vulnerability: debug logs can disclose sensitive webhook URLs containing private information. The issue is mitigated by upgrading to version 1.3.2, which redacts sensitive webhook URLs...
CVE-2022-39292 Exposure of sensitive Slack webhook URLs in debug logs and traces
Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slac...