CVE-2022-31162: Slack Morphism for Rust before 0.41.0 can leak Slack OAuth client information in application debug logs
(updated )
Potential/accidental leaking of Slack OAuth client information in application debug logs.
References
- github.com/abdolence/slack-morphism-rust
- github.com/abdolence/slack-morphism-rust/commit/4923fb7d458ed28c0302244c54cb4df0acee7ee6
- github.com/abdolence/slack-morphism-rust/pull/133
- github.com/abdolence/slack-morphism-rust/releases/tag/v0.41.0
- github.com/abdolence/slack-morphism-rust/security/advisories/GHSA-99j7-mhfh-w84p
- github.com/advisories/GHSA-99j7-mhfh-w84p
- nvd.nist.gov/vuln/detail/CVE-2022-31162
- rustsec.org/advisories/RUSTSEC-2022-0086.html
Code Behaviors & Features
Detect and mitigate CVE-2022-31162 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →