5 matches found
CVE-2024-47803
A flaw was found in Jenkins. Certain versions do not redact multi-line secret values in error messages generated for form submissions involving the secretTextarea form field. Mitigation Mitigation for this issue is ei ther not available or the currently available options do not meet the Red Hat...
GHSA-4MGV-M5CM-F9H7 Vault GitHub Action did not correctly mask multi-line secrets in output
HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking. The vault-action implementation did not correctly handle the marking of...
HashiCorp Vault Information Disclosure Vulnerability (CNVD-2021-37053)
HashiCorp Vault is a private key access management tool from HashiCorp Hashicorp USA. An information disclosure vulnerability exists in HashiCorp vault-action prior to version 2.2.0, which stems from a multi-line secret that fails to properly register with GitHub Actions to mask logs, which can b...
CVE-2021-32074
HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...
HashiCorp Vault 日志信息泄露漏洞
HashiCorp Vault is a private key access management tool from HashiCorp Hashicorp USA. An information disclosure vulnerability exists in HashiCorp vault-action prior to version 2.2.0, which stems from a multi-line secret that fails to properly register with GitHub Actions to mask logs, which can b...