Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29810

April 27, 2022, 6:15 a.m. |

National Vulnerability Database nist.gov

The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile.

cve go

Senior Product Security Engineer

@ Panther Labs | United States

Lead, DevSecOps

@ Hex Trust | Singapore, Singapore, Singapore

Information Security GRC Lead

@ Bud | London, England, United Kingdom

Security Analyst

@ AnaVation | Quantico, VA

Security Engineer

@ Homebase | Atlanta, Georgia, United States

Principal Offensive Cloud Security Engineer

@ Uptycs | Remote, USA

Security Engineer

@ AnaVation | Quantico, VA

Information Systems Security Manager

@ Barbaricum | Washington, DC

Cloud Engineer - GCP Security Specialist

@ DoiT International | Remote Israel

Security Operations Analyst - Compliance

@ Algolia | London, England

GRC Lead - Software Compliance

@ Ivanti | United States

Security Administrator

@ Trusting Social | Ho Chi Minh City, Ho Chi Minh City, Vietnam