CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

Prion•added 2023/01/03 9:15 p.m.•17 views

Design/Logic Flaw

Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. Rosco prior to versions 1.29.2, 1.28.4, and 1.27.3 does not property mask secrets generated via packer builds. This can lead to exposur...

5CVSS7.5AI score0.00274EPSS

Exploits0References2Affected Software1

OSV•added 2023/01/03 8:4 p.m.•12 views

CVE-2022-23506 Spinnaker's Rosco microservice vulnerable to improper log masking on AWS Packer builds

4.3CVSS7.5AI score0.00274EPSS

Exploits0References4

CVE•added 2023/01/03 8:4 p.m.•65 views

CVE-2022-23506

CVE-2022-23506 affects Spinnaker’s Rosco microservice. Prior to versions 1.29.2, 1.28.4, and 1.27.3, Rosco did not properly mask secrets generated during Packer builds, which could expose AWS credentials in log files. The issue is mitigated in 1.29.2, 1.28.4, and 1.27.3+ fixes. A workaround recom...

7.5CVSS5.8AI score0.00274EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by