Lucene search
K

4 matches found

Veracode
Veracode
added 2024/04/22 5:53 a.m.29 views

Log Injection

flask-cors is vulnerable to Log Injection when the log level is set to debug. The vulnerability is due to improper output neutralization for logs within extension.py. This allows attackers to insert fake log entries through specially crafted GET requests containing CRLF sequences in the request...

5.3CVSS7.1AI score0.00574EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2022/06/23 5:28 a.m.40 views

Log Injection

org.apache.sling:org.apache.sling.api and org.apache.sling:org.apache.sling.commons.log is vulnerable to log injection. A remote attacker with privileges to forge logs, is able to inject fake logs and potentially corrupt log files, causing unintended behavior in the the system...

5.3CVSS5.9AI score0.0222EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2022/06/22 3:15 p.m.14 views

CVE-2022-32549

Apache Sling Commons Log = 5.4.0 and Apache Sling API = 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files...

5.3CVSS5.5AI score
Exploits0References1
Cvelist
Cvelist
added 2022/06/22 2:25 p.m.15 views

CVE-2022-32549 log injection in Sling logging

Apache Sling Commons Log = 5.4.0 and Apache Sling API = 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files...

5.8AI score0.0222EPSS
Exploits0References1
Rows per page
Query Builder