Google Llc Bazel vulnerabilities

1 known vulnerability affecting google_llc/bazel.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2022-3474MEDIUMCVSS 5.1≥ 5.0.0, < 5.3.2≥ 4.0.0, < 4.2.3+1 more2022-10-26

CVE-2022-3474 [MEDIUM] CWE-522 CVE-2022-3474: A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3.