CVE-2020-10750

Inclusion of Sensitive Information in Log Files in go/github.com/jaegertracing/jaeger

Identifiers

CVE-2020-10750

Package Slug

go/github.com/jaegertracing/jaeger

Vulnerability

Inclusion of Sensitive Information in Log Files

Description

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.

Affected Versions

All versions before 1.18.1

Solution

Upgrade to version 1.18.1 or above.

Last Modified

2020-06-25

source