Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cryptomator: Leaking of cleartext paths into log file in non-debug mode
Vulnerability Description
Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file, not existing file), a log message is created. This issue has been patched in version 1.19.0.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
Cryptomator 安全漏洞
Vulnerability Description
Cryptomator是Cryptomator社区的一个简单的数字自卫工具。用于保护数据。 Cryptomator 1.19.0之前版本存在安全漏洞,该漏洞源于可能将明文路径泄露到日志文件,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A