CVE-2022-26907: Insertion of Sensitive Information into Log File
(updated )
Azure SDK for .NET Information Disclosure Vulnerability
References
- github.com/Azure/azure-sdk-for-net/blob/a919c48ae294fed084a9679b6f53ac6af3fb4c3a/sdk/mgmtcommon/ClientRuntime/ClientRuntime/Microsoft.Rest.ClientRuntime.csproj
- github.com/Azure/azure-sdk-for-net/commit/e67f2a9fc5aa1060bd465d1458c347671268f6f5
- github.com/Azure/azure-sdk-for-net/pull/28169
- github.com/advisories/GHSA-whph-446h-6m9v
- msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26907
- nvd.nist.gov/vuln/detail/CVE-2022-26907
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26907
Code Behaviors & Features
Detect and mitigate CVE-2022-26907 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →