14 matches found
Astra Linux - vulnerability in linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: The severity of the WARN message has been reduced to be sent via dev_dbg() in the callback. The warning is triggered due to a known race condition, which is documented in the code above. This issue is now properly...
Logging of Excessive Data
Overview Affected versions of this package are vulnerable to Logging of Excessive Data via the cookies attribute. An attacker can generate excessive warning-level log entries by sending specially crafted Cookie headers. Remediation Upgrade aiohttp to version 3.13.3 or higher. References - GitHub...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of an improper warning level, which can lead to misleading error messages...
CVE-2023-53639 wifi: ath6kl: reduce WARN to dev_dbg() in callback
In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN hinders automated testing. Reducing severity...
PT-2025-41083
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A change was made to reduce the severity of a warning message in the ath6kl module related to Wi-Fi functionality. The warning was triggered by a known race condition that is already...
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to login failures being logged at the "warning" level instead of the "debug" level, which exposes plain text credential information...
PT-2024-40500 · Osv · Osv
Name of the Vulnerable Software and Affected Versions: OSV affected versions not specified Description: A security issue has been found where login failures are logged on the default stream with log level "warning", including plain-text user credentials. Recommendations: At the moment, there is n...
PT-2024-24600 · Sentry · Sentry
Name of the Vulnerable Software and Affected Versions: Sentry versions prior to 24.4.1 Description: Sentry is an error tracking and performance monitoring platform. When authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the eve...
BIT-WILDFLY-2020-25640
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file...
SUSE CVE-2014-1948
OpenStack Image Registry and Delivery Service Glance 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading th...
wildfly: resource adapter logs plaintext JMS password at warning level on connection error
A flaw was found in wildfly. JMS passwords are logged by the resource adaptor in plain text at the warning level when a connection error occurs allowing any user that has access to the log to gain access to this sensitive information. The highest threat from this vulnerability is to data...
wildfly: resource adapter logs plaintext JMS password at warning level on connection error
A flaw was found in wildfly. JMS passwords are logged by the resource adaptor in plain text at the warning level when a connection error occurs allowing any user that has access to the log to gain access to this sensitive information. The highest threat from this vulnerability is to data...
SUSE SLES15 Security Update : buildah (SUSE-SU-2020:3423-1)
This update for buildah fixes the following issues : buildah was updated to v1.17.0 bsc1165184 : Handle cases where other tools mount/unmount containers overlay.MountReadOnly: support RO overlay mounts overlay: use fusermount for rootless umounts overlay: fix umount Switch default log level of...
PYSEC-2014-102
OpenStack Image Registry and Delivery Service Glance 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading th...