Lucene search
+L

4 matches found

susecve
susecve
•added 2025/01/25 3:46 a.m.•4 views

SUSE CVE-2025-24355

Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...

7.1CVSS7AI score0.00224EPSS
Exploits0References4
osv
osv
•added 2025/01/24 6:45 p.m.•10 views

GHSA-V34R-VJ4R-38J6 Updatecli exposes Maven credentials in console output

Summary Private maven repository credentials leaked in application logs in case of unsuccessful retrieval operation. Details During the execution of an updatecli pipeline which contains a maven source configured with basic auth credentials, the credentials are being leaked in the application...

7.1CVSS7AI score0.00224EPSS
Exploits0References5
nvd
nvd
•added 2025/01/24 5:15 p.m.•10 views

CVE-2025-24355

Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...

7.1CVSS0.00224EPSS
Exploits0References2
cve
cve
•added 2025/01/24 4:48 p.m.•64 views

CVE-2025-24355

Updatecli (tool) is affected by CVE-2025-24355: when a pipeline uses a maven source with basic auth credentials and the retrieval operation fails, private credentials may be leaked in logs. The issue is resolved in version 0.93.0. Related advisories (GHSA-GHSA: v34R-vJ4R-38J6) describe the same l...

7.1CVSS7AI score0.00224EPSS
Exploits0References2
Rows per page
Query Builder