7 matches found
CVE-2022-1157
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 of GitLab CE/EE causes potential sensitive values in invalid URLs to be logged...
Improper Authorization
GitLab is vulnerable to Missing Sanitization. This vulnerability exists due to the lack of validation of request URLs, allowing an attacker to include sensitive values from logged exception messages within invalid URLs, which are then logged...
Design/Logic Flaw
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 of GitLab CE/EE causes potential sensitive values in invalid URLs to be logged...
keycloak: Password leak by logged exception in HttpMethod class
A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality...
keycloak: Password leak by logged exception in HttpMethod class
A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality...
keycloak: Password leak by logged exception in HttpMethod class
A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality...
CVE-2020-1698
A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality...