{"id":"CVE-2020-10762","details":"An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the output from gluster-block CLI operations. This includes recording passwords to the cmd_history.log file which is world-readable. This flaw allows local users to obtain sensitive information by reading the log file. The highest threat from this vulnerability is to data confidentiality.","modified":"2026-07-08T20:57:56.773863Z","published":"2020-11-24T17:15:10.567Z","references":[{"type":"ADVISORY","url":"https://github.com/gluster/gluster-block/releases/tag/v0.5.1"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845067"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gluster/gluster-block","events":[{"introduced":"0"},{"fixed":"1ac09cf31c9c5783a70f8d8b3c2ff4bc379edecc"}],"database_specific":{"source":["CPE_RANGE","REFERENCES"],"extracted_events":[{"introduced":"0"},{"fixed":"0.5.1"}],"cpe":"cpe:2.3:a:redhat:gluster-block:*:*:*:*:*:*:*:*"}}],"versions":["v0.5","v0.4","v0.3","v0.2.1","v0.2","v0.1.1","v0.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10762.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}