5 matches found
CVE-2023-45825
ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. Since ydb-go-sdk v3.48.6 if you use a custom credentials object implementation of interface Credentials it may leak into logs. This happens because this object could be serialized into an error message using...
Design/Logic Flaw
ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. Since ydb-go-sdk v3.48.6 if you use a custom credentials object implementation of interface Credentials it may leak into logs. This happens because this object could be serialized into an error message using...
CVE-2023-45825 Token in custom credentials object can leak through logs in ydb-go-sdk
ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. Since ydb-go-sdk v3.48.6 if you use a custom credentials object implementation of interface Credentials it may leak into logs. This happens because this object could be serialized into an error message using...
CVE-2023-45825 Token in custom credentials object can leak through logs in ydb-go-sdk
ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. Since ydb-go-sdk v3.48.6 if you use a custom credentials object implementation of interface Credentials it may leak into logs. This happens because this object could be serialized into an error message using...
PT-2023-29713 · Yandex · Ydb-Go-Sdk
Name of the Vulnerable Software and Affected Versions: ydb-go-sdk versions 3.48.6 through 3.53.2 Description: The issue concerns a potential leak of sensitive information, such as credentials, into logs when using a custom credentials object with ydb-go-sdk. This occurs because the custom...