PT-2019-20070 · Renovate · Renovate
Publicado
2019-10-21
·
Atualizado
2019-10-21
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Renovate versions prior to 19.38.7
Description
Temporary repository tokens were leaked into Pull Requests comments during certain Go Modules update failure scenarios.
Recommendations
For versions prior to 19.38.7, upgrade to version 19.38.7 or later.
As a temporary workaround, consider disabling Go Modules support until the issue is resolved.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Renovate