CNNVD-202506-3280 Information
CNNVD ID
CNNVD-202506-3280
Related CVE
- CNNVD Published: 2025-06-26
Description (Chinese)
Snyk CLI是美国Snyk公司的一个构建时工具,用于查找和修复项目中的已知漏洞。 Snyk CLI 1.1297.3之前版本存在安全漏洞,该漏洞源于敏感信息插入日志文件,可能导致凭据泄露。
Description (English)
Snyk CLI is a construction time tool for United States Snyk to identify and repair known gaps in the project. There was a security loophole in the pre-Snyk CLI 1.12973 version, which originated from the insertion of sensitive information into log files and could lead to the release of evidence.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Snyk
Published
2025-06-26
Last Modified
2026-02-24
References
https://docs.snyk.io/snyk-cli/debugging-the-snyk-cli https://github.com/snyk/cli/commit/38322f377da7e5f1391e1f641710be50989fa4df https://github.com/snyk/cli/releases/tag/v1.1297.3 https://github.com/snyk/go-application-framework/commit/ca7ba7d72e68455afb466a7a47bb2c9aece86c18 https://security.snyk.io/vuln/SNYK-JS-SNYK-10497607
Patch
https://github.com/snyk/cli/releases
Share on: