Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-ghgq-x6wc-6jr5

GitHub Security Advisory

Zowe CLI allows storage of previously entered secure credentials in a plaintext file

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

A vulnerability in Zowe CLI allows local, privileged actors to store previously entered secure credentials in a plaintext file as part of an auto-init operation.

Affected Packages

npm @zowe/cli
Affected versions: 7.18.0 (fixed in 7.23.5)

Related CVEs

CVE-2024-6833

Key Information

GHSA ID
GHSA-ghgq-x6wc-6jr5
Published
July 17, 2024 3:30 PM
Last Modified
July 17, 2024 7:30 PM
CVSS Score
5.0 /10
Primary Ecosystem
npm
Primary Package
@zowe/cli
GitHub Reviewed
✓ Yes

Dataset

Last updated: November 25, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.