zuul@3.0.0 vulnerabilities

A Project Gating System

  • latest version

    11.2.0

  • latest non vulnerable version

  • first published

    12 years ago

  • latest version published

    24 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the zuul package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Information Exposure

    zuul is a project gating system.

    Affected versions of this package are vulnerable to Information Exposure. If nodes become offline during the build, the no_log attribute of a task got ignored. In case the unreachable error occurred in a task used with a loop variable , the contents of the loop items would be printed in the console. This could lead to accidentally leaking credentials or secrets.

    How to fix Information Exposure?

    Upgrade zuul to version 3.1.0 or higher.

    [,3.1.0)