Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
github.com/huandu/facebook may expose access_token in error message
Vulnerability Description
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version 2.7.2.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
Facebook Graph API SDK 安全漏洞
Vulnerability Description
Facebook Graph API SDK是中国Huan Du个人开发者的一个Go包。 Facebook Graph API SDK 2.7.2之前版本存在安全漏洞,该漏洞源于HTTP请求失败时,access_token可能会在错误消息中公开。
CVSS Information
N/A
Vulnerability Type
N/A