9 matches found
BIT-AIRFLOW-2025-66236 Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...
GHSA-J86X-FWP2-QH7V Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...
Exposure Of Sensitive Information
github.com/rancher/rancher is vulnerable to Exposure of Sensitive Information. The vulnerability is due to sensitive data being written to Rancher audit logs, which allows an attacker with access to these logs to obtain secret data, cluster import URLs, and registration tokens...
CVE-2025-34188
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 macOS/Linux client deployments contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravelsession, are...
io.quarkiverse.cxf:quarkus-cxf: Quarkus CXF may log user password and secret to application log
A vulnerability was found in Quarkus CXF. Passwords and other secrets may appear in the application log in spite of the user configuring them to be hidden. This issue requires some special configuration to be vulnerable, such as SOAP logging enabled, application set client, and endpoint logging...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk that stems from the insertion of sensitive information into log files, which could result in SNMP and IMPI secrets for host and folder attributes being written to administrator-accessible audit log...
Quarkus CXF 日志信息泄露漏洞
Quarkus CXF is an extension to Quarkiverse open source. Quarkus CXF suffers from a log information disclosure vulnerability that stems from the fact that passwords and other secrets may appear in application logs despite users configuring them to be hidden...
CVE-2022-26311
Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive Information to an Unauthorized Actor. Secrets are not redacted in logs collected from Kubernetes environments...
Palo Alto Networks Prisma Cloud 日志信息泄露漏洞
Palo Alto Networks Prisma Cloud is a comprehensive cloud-native security platform from US-based Palo Alto Networks, Inc. provides cloud security services. Palo Alto Networks Prisma Cloud Compute suffers from a log information disclosure vulnerability that originates when a secret used to authoriz...