CVE-2024-6104

Published: 2024-06-24T17:15Z

Last Modified: 2024-11-21T09:48Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt