Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:golang/github.com/hashicorp/go-retryablehttp@0.7.7
Typegolang
Namespacegithub.com/hashicorp
Namego-retryablehttp
Version0.7.7
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-k54u-rbhx-bbbu
vulnerability_id VCID-k54u-rbhx-bbbu
summary 
go-retryablehttp can leak basic auth credentials to log files
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6104.json
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6104.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6104
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13905
published_at 2026-04-21T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13833
published_at 2026-04-18T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13839
published_at 2026-04-16T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13936
published_at 2026-04-13T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.13985
published_at 2026-04-12T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.14022
published_at 2026-04-11T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.14077
published_at 2026-04-09T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.14024
published_at 2026-04-08T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.13941
published_at 2026-04-07T12:55:00Z
9
value 0.00045
scoring_system epss
scoring_elements 0.14135
published_at 2026-04-04T12:55:00Z
10
value 0.00045
scoring_system epss
scoring_elements 0.14082
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6104
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6104
3
reference_url https://discuss.hashicorp.com/c/security
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T19:19:22Z/
url https://discuss.hashicorp.com/c/security
4
reference_url https://discuss.hashicorp.com/t/hcsec-2024-12-go-retryablehttp-can-leak-basic-auth-credentials-to-log-files/68027
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2024-12-go-retryablehttp-can-leak-basic-auth-credentials-to-log-files/68027
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-v6v8-xj6m-xwqh
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v6v8-xj6m-xwqh
7
reference_url https://github.com/hashicorp/go-retryablehttp
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/go-retryablehttp
8
reference_url https://github.com/hashicorp/go-retryablehttp/commit/a99f07beb3c5faaa0a283617e6eb6bcf25f5049a
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/go-retryablehttp/commit/a99f07beb3c5faaa0a283617e6eb6bcf25f5049a
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6104
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6104
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076773
reference_id 1076773
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076773
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2294000
reference_id 2294000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2294000
12
reference_url https://access.redhat.com/errata/RHSA-2024:10518
reference_id RHSA-2024:10518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10518
13
reference_url https://access.redhat.com/errata/RHSA-2024:10823
reference_id RHSA-2024:10823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10823
14
reference_url https://access.redhat.com/errata/RHSA-2024:11562
reference_id RHSA-2024:11562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11562
15
reference_url https://access.redhat.com/errata/RHSA-2024:3722
reference_id RHSA-2024:3722
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3722
16
reference_url https://access.redhat.com/errata/RHSA-2024:4316
reference_id RHSA-2024:4316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4316
17
reference_url https://access.redhat.com/errata/RHSA-2024:4321
reference_id RHSA-2024:4321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4321
18
reference_url https://access.redhat.com/errata/RHSA-2024:4469
reference_id RHSA-2024:4469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4469
19
reference_url https://access.redhat.com/errata/RHSA-2024:4479
reference_id RHSA-2024:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4479
20
reference_url https://access.redhat.com/errata/RHSA-2024:4846
reference_id RHSA-2024:4846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4846
21
reference_url https://access.redhat.com/errata/RHSA-2024:4853
reference_id RHSA-2024:4853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4853
22
reference_url https://access.redhat.com/errata/RHSA-2024:4858
reference_id RHSA-2024:4858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4858
23
reference_url https://access.redhat.com/errata/RHSA-2024:4872
reference_id RHSA-2024:4872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4872
24
reference_url https://access.redhat.com/errata/RHSA-2024:4963
reference_id RHSA-2024:4963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4963
25
reference_url https://access.redhat.com/errata/RHSA-2024:4965
reference_id RHSA-2024:4965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4965
26
reference_url https://access.redhat.com/errata/RHSA-2024:5107
reference_id RHSA-2024:5107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5107
27
reference_url https://access.redhat.com/errata/RHSA-2024:5160
reference_id RHSA-2024:5160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5160
28
reference_url https://access.redhat.com/errata/RHSA-2024:5194
reference_id RHSA-2024:5194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5194
29
reference_url https://access.redhat.com/errata/RHSA-2024:5199
reference_id RHSA-2024:5199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5199
30
reference_url https://access.redhat.com/errata/RHSA-2024:5200
reference_id RHSA-2024:5200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5200
31
reference_url https://access.redhat.com/errata/RHSA-2024:5433
reference_id RHSA-2024:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5433
32
reference_url https://access.redhat.com/errata/RHSA-2024:5444
reference_id RHSA-2024:5444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5444
33
reference_url https://access.redhat.com/errata/RHSA-2024:5446
reference_id RHSA-2024:5446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5446
34
reference_url https://access.redhat.com/errata/RHSA-2024:5547
reference_id RHSA-2024:5547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5547
35
reference_url https://access.redhat.com/errata/RHSA-2024:5808
reference_id RHSA-2024:5808
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5808
36
reference_url https://access.redhat.com/errata/RHSA-2024:6004
reference_id RHSA-2024:6004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6004
37
reference_url https://access.redhat.com/errata/RHSA-2024:6194
reference_id RHSA-2024:6194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6194
38
reference_url https://access.redhat.com/errata/RHSA-2024:6409
reference_id RHSA-2024:6409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6409
39
reference_url https://access.redhat.com/errata/RHSA-2024:6642
reference_id RHSA-2024:6642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6642
40
reference_url https://access.redhat.com/errata/RHSA-2024:6738
reference_id RHSA-2024:6738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6738
41
reference_url https://access.redhat.com/errata/RHSA-2024:6755
reference_id RHSA-2024:6755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6755
42
reference_url https://access.redhat.com/errata/RHSA-2024:6811
reference_id RHSA-2024:6811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6811
43
reference_url https://access.redhat.com/errata/RHSA-2024:7184
reference_id RHSA-2024:7184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7184
44
reference_url https://access.redhat.com/errata/RHSA-2024:7237
reference_id RHSA-2024:7237
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7237
45
reference_url https://access.redhat.com/errata/RHSA-2024:7323
reference_id RHSA-2024:7323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7323
46
reference_url https://access.redhat.com/errata/RHSA-2024:7324
reference_id RHSA-2024:7324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7324
47
reference_url https://access.redhat.com/errata/RHSA-2024:7624
reference_id RHSA-2024:7624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7624
48
reference_url https://access.redhat.com/errata/RHSA-2024:7744
reference_id RHSA-2024:7744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7744
49
reference_url https://access.redhat.com/errata/RHSA-2024:8040
reference_id RHSA-2024:8040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8040
50
reference_url https://access.redhat.com/errata/RHSA-2024:8314
reference_id RHSA-2024:8314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8314
51
reference_url https://access.redhat.com/errata/RHSA-2024:8677
reference_id RHSA-2024:8677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8677
52
reference_url https://access.redhat.com/errata/RHSA-2024:9115
reference_id RHSA-2024:9115
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9115
53
reference_url https://access.redhat.com/errata/RHSA-2025:0029
reference_id RHSA-2025:0029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0029
54
reference_url https://access.redhat.com/errata/RHSA-2025:0536
reference_id RHSA-2025:0536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0536
55
reference_url https://access.redhat.com/errata/RHSA-2025:1116
reference_id RHSA-2025:1116
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1116
56
reference_url https://access.redhat.com/errata/RHSA-2025:11669
reference_id RHSA-2025:11669
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11669
57
reference_url https://access.redhat.com/errata/RHSA-2025:1829
reference_id RHSA-2025:1829
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1829
58
reference_url https://access.redhat.com/errata/RHSA-2025:1865
reference_id RHSA-2025:1865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1865
59
reference_url https://access.redhat.com/errata/RHSA-2025:1866
reference_id RHSA-2025:1866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1866
60
reference_url https://access.redhat.com/errata/RHSA-2025:3714
reference_id RHSA-2025:3714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3714
61
reference_url https://access.redhat.com/errata/RHSA-2025:9776
reference_id RHSA-2025:9776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9776
fixed_packages
0
url pkg:golang/github.com/hashicorp/go-retryablehttp@0.7.7
purl pkg:golang/github.com/hashicorp/go-retryablehttp@0.7.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/go-retryablehttp@0.7.7
aliases CVE-2024-6104, GHSA-v6v8-xj6m-xwqh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k54u-rbhx-bbbu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/go-retryablehttp@0.7.7