VYPR

Arrow Rust Object Store

by Apache

Source repositories

CVEs (1)

  • CVE-2024-41178Jul 23, 2024
    risk 0.00cvss epss 0.01

    Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens.  On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity…