5 matches found
Security Bulletin: Remediation of Multiple Apache Struts 1.3.10 Vulnerabilities in IBM Library Support for Struts
Summary Multiple EOL Apache Struts 1.3.10 Vulnerabilities have been addressed in IBM Library Support for Struts Vulnerability Details CVEID:CVE-2025-54656 DESCRIPTION: UNSUPPORTED WHEN ASSIGNED Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Strut...
EUVD-2017-8298
Malware in sbrugna...
CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
PT-2025-2435 · Ibm · Ibm Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.10.12 through 9.1.0 Description: The issue is related to the Monitor Component of the IBM Maximo Application Suite, which fails to properly handle log output. This could allow a remote attacker to injec...
flask-cors 安全漏洞
Flask-CORS is a cross-origin resource sharing component for Flask. A security vulnerability exists in flask-cors, which stems from improper neutralization of log output, allowing an attacker to corrupt log files, potentially masking the trail of other attacks, obfuscating log processing tools, an...