9 matches found
EUVD-2023-23784
Malicious code in bioql PyPI...
RUSTSEC-2023-0125 Logs AWS credentials when TRACE-level logging is enabled
aws-sigv4 is a rust library for low level request signing in the aws cloud platform. The awssigv4::SigningParams struct had a derived Debug implementation. When debug-formatted, it would include a user's AWS access key, AWS secret key, and security token in plaintext. When TRACE-level logging is...
CVE-2023-1550
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...
CVE-2023-1550
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...
Design/Logic Flaw
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...
CVE-2023-1550 NGINX Agent vulnerability CVE-2023-1550
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...
CVE-2023-1550 NGINX Agent vulnerability CVE-2023-1550
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...
K000133135: NGINX Agent vulnerability CVE-2023-1550
Security Advisory Description NGINX Agent inserts sensitive information into a log file. CVE-2023-1550 Impact An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note :...
BSA-2019-865
Security Advisory ID : BSA-2019-865 Component : SANnav Revision : 1.0 The authentication mechanism, in Brocade SANnav versions before v2.0,logs plaintext account credentials at the ‘trace’ and the 'debug'logging level;which could allow a local authenticated attacker to access sensitive informatio...