Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 2:31 a.m.9 views

CVE-2025-24355

Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...

7.1CVSS6.7AI score0.00224EPSS
Exploits0References1
NVD
NVD
added 2025/01/24 5:15 p.m.10 views

CVE-2025-24355

Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...

7.1CVSS0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/24 4:48 p.m.9 views

CVE-2025-24355 Updatecli may expose Maven credentials in console output

Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...

7.1CVSS7.2AI score0.00224EPSS
Exploits0References2
CVE
CVE
added 2025/01/24 4:48 p.m.64 views

CVE-2025-24355

Updatecli (tool) is affected by CVE-2025-24355: when a pipeline uses a maven source with basic auth credentials and the retrieval operation fails, private credentials may be leaked in logs. The issue is resolved in version 0.93.0. Related advisories (GHSA-GHSA: v34R-vJ4R-38J6) describe the same l...

7.1CVSS7AI score0.00224EPSS
Exploits0References2
Rows per page
Query Builder