PT-2026-7261

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak where sensitive headers, including Authorization and Cookie, are disclosed in cleartext within log files when a verbose, user-supplied logging format—such as the...

RabbitMQ < 3.13.8 (GHSA-gh3x-4x42-fvq8)

RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which...

CVE-2024-11274

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration...

VMware Reactor Netty 安全漏洞

VMware Reactor Netty is a VMware USA company that provides non-blocking and backpressure-ready TCP/HTTP/UDP/QUIC clients and servers based on the Netty framework. A security vulnerability exists in VMware Reactor Netty versions 1.0.11 through 1.0.23, which stems from logging headers in the presen...