DescriptionA bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Timeline for this CVECVE page created: Thu Oct 27 06:00:31 2022
CVE page last modified: Sat Oct 29 11:39:57 2022