vulnerability
Red Hat OpenShift: CVE-2024-6104: go-retryablehttp: url might write sensitive information to log file
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:C/I:N/A:N) | 2024-06-24 | 2024-08-01 | 2025-04-11 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
2024-06-24
Added
2024-08-01
Modified
2025-04-11
Description
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
Solution(s)
linuxrpm-upgrade-podmanlinuxrpm-upgrade-skopeo
References
- CVE-2024-6104
- https://attackerkb.com/topics/CVE-2024-6104
- REDHAT-RHSA-2024:10518
- REDHAT-RHSA-2024:10823
- REDHAT-RHSA-2024:11562
- REDHAT-RHSA-2024:3722
- REDHAT-RHSA-2024:4316
- REDHAT-RHSA-2024:4321
- REDHAT-RHSA-2024:4469
- REDHAT-RHSA-2024:4479
- REDHAT-RHSA-2024:4613
- REDHAT-RHSA-2024:4699
- REDHAT-RHSA-2024:4846
- REDHAT-RHSA-2024:4853
- REDHAT-RHSA-2024:4858
- REDHAT-RHSA-2024:4872
- REDHAT-RHSA-2024:4960
- REDHAT-RHSA-2024:4963
- REDHAT-RHSA-2024:4965
- REDHAT-RHSA-2024:5107
- REDHAT-RHSA-2024:5160
- REDHAT-RHSA-2024:5194
- REDHAT-RHSA-2024:5199
- REDHAT-RHSA-2024:5200
- REDHAT-RHSA-2024:5258
- REDHAT-RHSA-2024:5433
- REDHAT-RHSA-2024:5444
- REDHAT-RHSA-2024:5446
- REDHAT-RHSA-2024:5547
- REDHAT-RHSA-2024:5634
- REDHAT-RHSA-2024:5808
- REDHAT-RHSA-2024:6004
- REDHAT-RHSA-2024:6009
- REDHAT-RHSA-2024:6054
- REDHAT-RHSA-2024:6122
- REDHAT-RHSA-2024:6194
- REDHAT-RHSA-2024:6406
- REDHAT-RHSA-2024:6409
- REDHAT-RHSA-2024:6642
- REDHAT-RHSA-2024:6738
- REDHAT-RHSA-2024:6755
- REDHAT-RHSA-2024:6811
- REDHAT-RHSA-2024:7184
- REDHAT-RHSA-2024:7237
- REDHAT-RHSA-2024:7323
- REDHAT-RHSA-2024:7324
- REDHAT-RHSA-2024:7624
- REDHAT-RHSA-2024:7744
- REDHAT-RHSA-2024:8040
- REDHAT-RHSA-2024:8314
- REDHAT-RHSA-2024:8677
- REDHAT-RHSA-2024:9098
- REDHAT-RHSA-2024:9115
- REDHAT-RHSA-2025:0029
- REDHAT-RHSA-2025:0536
- REDHAT-RHSA-2025:1116
- REDHAT-RHSA-2025:1829
- REDHAT-RHSA-2025:1865
- REDHAT-RHSA-2025:1866
- REDHAT-RHSA-2025:3714
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.