Home
HIGH: 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:HDefault status
unaffected
1.0.0 (semver) before 1.0.2
affected
Description
A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.
Problem types
CWE-215 Insertion of sensitive information into debugging code
Product status
1.0.0 (semver) before 1.0.2
References
github.com/...-agent/security/advisories/GHSA-5r2r-h824-fr5v