DependencyCheck Debug Mode Logging of NVD API Key

Go back

severity: medium
date: January 19, 2024
Affecting: org.owasp:dependency-check-maven versions starting at 9.0.0 up through 9.0.6
org.owasp:dependency-check-cli versions starting at 9.0.0 up through 9.0.5
org.owasp:dependency-check-ant versions starting at 9.0.0 up through 9.0.5
CVE: CVE-2024-23686
CVE type: Insertion of Sensitive Information into Log File
CVSS: 4
CVSS V3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References: Vendor Advisory
Third Party Advisory