English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Slack Morphism Project Slack Morphism 0.7.0 for Rust

CPE Details

Slack Morphism Project Slack Morphism 0.7.0 for Rust
slack_morphism_project
slack_morphism
0.7.0
2022-07-29 15:13 +00:00
2022-07-29 16:06 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:slack_morphism_project:slack_morphism:0.7.0:*:*:*:*:rust:*:*

Informations

Vendor

slack_morphism_project

Product

slack_morphism

Version

0.7.0

Target Software

rust

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-39292 2022-10-09 22:00 +00:00 Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slack webhooks may disable or filter debug logs.
7.5
HIGH
CVE-2022-31162 2022-07-21 11:20 +00:00 Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive information in application logs. As a workaround, do not print/output requests and responses for OAuth and client configurations in logs.
7.5
HIGH

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.