How severe is CVE-2024-52582?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2024-52582?

This is classified as CWE-497, which is a common weakness in software security.

CVE-2024-52582 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Prior to version 0.14.0, secrets may be shown in logs when an unhandled exception is triggered because the tool is logging locals of each function. This may uncover secrets if tool used in CI/build pipelines as it's the main use case. Version 0.14.0 contains a patch for the issue. No known workarounds are available.

Related Vulnerabilities

CVE-2023-0005

MEDIUM

CVSS:4.9(Medium)

A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.

CWE-4972023

CVE-2022-20734

MEDIUM

CVSS:4.4(Medium)

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system...

CWE-4972022

CVE-2024-36509

MEDIUM

CVSS:4.4(Medium)

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and b...

CWE-4972024

CVE-2024-53683

MEDIUM

CVSS:4.4(Medium)

A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by c...

CWE-4972024

CVE-2025-48024

MEDIUM

CVSS:5.0(Medium)

In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint.

CWE-4972025

CVE-2024-41781

MEDIUM

CVSS:5.1(Medium)

IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromi...

CWE-4972024