View all vulnerabilities

CVE-2024-6104

Leak of sensitive information to log files in github.com/hashicorp/go-retryablehttp

URLs were not sanitized when writing them to log files. This could lead to writing sensitive HTTP basic auth credentials to the log file.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
Score Vector
Affected Versions
github.com/hashicorp/go-retryablehttp < 0.7.7
Severity
Ecosystem
GO
Publish Date
June 25, 2024
Modified Date
July 15, 2024