8 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-23538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used ...
scs-library-client may leak user credentials to third-party service via HTTP redirect
Impact When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectly leaked to an S3 backing storage provider. This occurs in a specific flow, where the library service redirects the...
GHSA-7P8M-22H4-9PJ7 scs-library-client may leak user credentials to third-party service via HTTP redirect
Impact When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectly leaked to an S3 backing storage provider. This occurs in a specific flow, where the library service redirects the...
CVE-2022-23538
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectl...
UBUNTU-CVE-2022-23538
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectl...
CVE-2022-23538 User credentials leaked to third-party service via HTTP redirect in scs-library-client
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectl...
CVE-2022-23538 User credentials leaked to third-party service via HTTP redirect in scs-library-client
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectl...
SCS Library Client 安全漏洞
SCS Library Client is a Golang client for Singularity Container Services SCS. A security vulnerability exists in SCS Library Client. An attacker can exploit the vulnerability to perform a multi-part concurrent download...