exploitDog

GHSA-f3fr-83vx-7f8c

Опубликовано: 05 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 6.8

Описание

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account.

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account.

Ссылки

EPSS

Процентиль: 0%

0.00007

Низкий

5.1 Medium

CVSS4

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-312

Связанные уязвимости

CVE-2025-58401

CVSS3: 6.8

nvd

5 месяцев назад

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account.

EPSS

Процентиль: 0%

0.00007

Низкий

5.1 Medium

CVSS4

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-312