Vulnerability Report: GO-2021-0064

Authorization tokens may be inappropriately logged if the verbosity level is set to a debug level. This is due to an incomplete fix for CVE-2019-11250.

Affected Packages

  • Path
    Go Versions
    Symbols
  • before v0.20.0-alpha.2
    6 unexported affected symbols
    • basicAuthRoundTripper.RoundTrip
    • bearerAuthRoundTripper.RoundTrip
    • debuggingRoundTripper.RoundTrip
    • impersonatingRoundTripper.RoundTrip
    • requestInfo.toCurl
    • userAgentRoundTripper.RoundTrip

Aliases

References

Credits

  • @sfowl

Feedback

See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL