4 matches found
CVE-2025-24355
Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...
CVE-2025-24355
Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...
CVE-2025-24355 Updatecli may expose Maven credentials in console output
Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...
CVE-2025-24355
Updatecli (tool) is affected by CVE-2025-24355: when a pipeline uses a maven source with basic auth credentials and the retrieval operation fails, private credentials may be leaked in logs. The issue is resolved in version 0.93.0. Related advisories (GHSA-GHSA: v34R-vJ4R-38J6) describe the same l...