Information Exposure Affecting github.com/heketi/heketi/apps/glusterfs Open this link in a new tab package, versions <5.0.1
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
19 Feb 2018
5 Nov 2017
Affected versions of
github.com/heketi/heketi/apps/glusterfs are vulnerable to Information Exposure, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.
github.com/heketi/heketi/apps/glusterfs to version 5.0.1 or higher.