OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0e97e6e71f0dd52b4b4e0ab3fa6e5e5dd72f852a
advisory-db/crates/slack-morphism/RUSTSEC-2022-0087.md
github-actions[bot] e9f2cb51e9 Assigned RUSTSEC-2022-0087 to slack-morphism (#1563) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
2023-02-02 22:45:24 +11:00

482 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2022-0087"
package = "slack-morphism"
date = "2022-10-10"
url = "https://github.com/abdolence/slack-morphism-rust/commit/65ef9fac4f39c4e171e2952a6cf029bb0d059a89"
aliases = ["CVE-2022-39292", "GHSA-4mjx-2gh5-ph8h"]

[versions]
patched = [">= 1.3.2"]

Slack Webhooks secrets leak in debug logs

Debug log formatting made it possible to leak Webhooks secrets into debug logs.

The patched version has introduced more strict checks to avoid this.