AIKIDO-2024-10161
@aws-sdk/client-payment-cryptography-data is vulnerable to Insertion of Sensitive Information into Log File
5
Low
@aws-sdk/client-payment-cryptography-data
AIKIDO-2024-10161: @aws-sdk/client-payment-cryptography-data is vulnerable to Insertion of Sensitive Information into Log File in versions 3.349.0 - 3.607.0.
Insertion of Sensitive Information into Log File
Vuln in 3.349.0 - 3.607.0
Fixed in 3.608.0
No CVE available
TL;DR
Affected versions of this package are vulnerable to Exposure of Sensitive Information into the Log files, when importing or exporting a TR31KeyBlock.
Who does this affect?
You're affected if you are using a vulnerable version of the package.
How can it be fixed?
Upgrade @aws-sdk/client-payment-cryptography-data to a patch version.
Are you
to these issues?
Connect your GitHub, GitLab, Bitbucket or Azure DevOps account to start scanning your repos for free.
Start For FreeYour data won't be shared · Read-only access
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US