CVE-2022-38149

HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the *template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2.
Configurations

Configuration 1

cpe:2.3:a:hashicorp:consul_template:*:*:*:*:*:*:*:*

Information

Published : 2022-08-17 03:15

Updated : 2022-09-01 01:15


NVD link : CVE-2022-38149

Mitre link : CVE-2022-38149

Products Affected
CWE
CWE-532

Insertion of Sensitive Information into Log File