GHSA-3w3h-7xgx-grwc
Suggest an improvement- Source
- https://github.com/advisories/GHSA-3w3h-7xgx-grwc
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-3w3h-7xgx-grwc/GHSA-3w3h-7xgx-grwc.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-3w3h-7xgx-grwc
- Aliases
- Published
- 2022-11-21T20:39:05Z
- Modified
- 2023-11-08T04:10:21.081461Z
- Severity
-
- 5.6 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N CVSS Calculator
- Summary
- Leak in Aliyun KeySecret
- Details
-
Impact
Users of this library will be affected when using this library, the incoming secret will be disclosed unintentionally.
Patches
This have already been solved.
Workarounds
No, It cannot be patched without upgrading
References
No
For more information
If you have any questions or comments about this advisory: * Email us at email address
- Database specific
{ "nvd_published_at": "2022-11-22T21:15:00Z", "cwe_ids": [ "CWE-200" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-11-21T20:39:05Z" }- References
Affected packages
crates.io / aliyun-oss-client
Package
- Name
- aliyun-oss-client
- View open source insights on deps.dev
- Purl
- pkg:cargo/aliyun-oss-client