Lucene search
China National Vulnerability DatabaseCNVD-2022-87362HistoryOct 12, 2022 - 12:00 a.m.
Slack Morphism Information Disclosure Vulnerability
2022-10-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
slack morphism
rust
web api
events api
block kit
information disclosure
EPSS
0.001
Percentile
48.7%
Slack Morphism is a modern asynchronous client library for Rust that supports Slack Web, Events APIocket Mode, and Block Kit. versions prior to Slack Morphism 1.3.2 have an information disclosure vulnerability that stems from insufficient protection of sensitive information in the application, which could be exploited to obtain sensitive URLs containing private information via debug logs.
Related
osv
osv
CVE-2022-39292
2022-10-10 15:15:09
Slack Webhooks secrets leak in debug logs
2022-10-10 12:00:00
Exposure of sensitive Slack webhook URLs in debug logs and traces
2022-10-10 21:07:47
rustsec
rustsec
Slack Webhooks secrets leak in debug logs
2022-10-10 12:00:00
prion
prion
Information disclosure
2022-10-10 15:15:00
cve
cve
CVE-2022-39292
2022-10-10 15:15:09
nvd
nvd
CVE-2022-39292
2022-10-10 15:15:09
cvelist
cvelist
github
github
Exposure of sensitive Slack webhook URLs in debug logs and traces
2022-10-10 21:07:47