Metadata available on network #95
Comments
walterking
changed the title
|
I verified this, if you do |
|
this is how they fixed it. |
|
Ouch, this seems pretty bad. Can we steal that remote address check for hologram?
… On May 31, 2018, at 17:45, Valentino Volonghi ***@***.***> wrote:
***@***.***
this is how they fixed it.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
Yeah, should be pretty easy to do |
|
#97 This should do it. |
BillMedernach
pushed a commit
that referenced
this issue
Jun 4, 2018
|
Tested this with the latest version of Hologram and this vulnerability is fixed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I came across 99designs/aws-vault#198, not sure if it applies and have nothing to test with, but someone should probably check if this issue applies to hologram or not as it could mean leaking credentials to anyone on the network
The text was updated successfully, but these errors were encountered: