EUVD-2025-37317

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...

CVE-2025-62232 Apache APISIX: basic-auth logs plaintext credentials at info level

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...

EUVD-2023-3054

Malicious code in bioql PyPI...

CVE-2023-47390

Headscale through 0.22.3 writes bearer tokens to info-level logs...

Insertion Of Sensitive Information Into Log File

github.com/juanfont/headscale is vulnerable to Insertion Of Sensitive Information Into Log File. The vulnerability is due the HTTP api writting the whole bearer token to info-level logs...

Design/Logic Flaw

Headscale through 0.22.3 writes bearer tokens to info-level logs...

CVE-2023-47390

Headscale up to 0.22.3 stores bearer tokens in info‑level logs via the HTTP API, exposing credentials in logs. Multiple connected sources corroborate that tokens are written to logs when accessing the API, with the root cause described as logging sensitive data. Affected: Headscale; component: HT...