CVE-2021-32074

HashiCorp vault-action (aka Vault GitHub Action) before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hashicorp:vault-action:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-07 05:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-32074

Mitre link : CVE-2021-32074

CVE.ORG link : CVE-2021-32074


JSON object : View

Products Affected

hashicorp

  • vault-action
CWE
CWE-532

Insertion of Sensitive Information into Log File