← Voltar para CVEs
CVE-2026-24762
HIGH7.5
Descricao
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material (access key, secret key, session token) to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be accessible to internal or external log consumers and could lead to compromise of sensitive credentials. This issue has been patched in version alpha.82.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado2/3/2026
Ultima modificacao2/23/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
rustfs:rustfs
Fraquezas (CWE)
CWE-532
Referencias
https://github.com/rustfs/rustfs/security/advisories/GHSA-r54g-49rx-98cr(security-advisories@github.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.