Описание
Logging of the firestore key within nodejs-firestore
A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue
Пакеты
Наименование
@google-cloud/firestore
npm
Затронутые версииВерсия исправления
< 6.1.0
6.1.0
Связанные уязвимости
CVSS3: 4
nvd
около 2 лет назад
A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue