crates.io package
object_store
pkg:cargo/object_store
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41178 | — | >= 0.5.0, < 0.10.2 | 0.10.2 | Jul 23, 2024 | Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity htt |
- CVE-2024-41178Jul 23, 2024affected >= 0.5.0, < 0.10.2fixed 0.10.2
Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity htt