- Reported
-
- Issued
-
- Package
-
matrix-sdk
(crates.io)
- Type
-
Vulnerability
- Details
-
https://github.com/matrix-org/matrix-rust-sdk/issues/1110
- Patched
-
- Unaffected
-
Description
When sending Matrix requests using an affected version of matrix-sdk
in an application that
writes logs using tracing-subscriber
(in a way that includes fields of tracing spans such as
tracing_subscriber
s default text output from the fmt
module), these logs will contain the
user's access token.