Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
flask-cors vulnerable to log injection when the log level is set to debug Moderate
CVE-2024-1681 was published for flask-cors (pip) Apr 19, 2024
bayandin
Sentry vulnerable to leaking superuser cleartext password in logs High
CVE-2024-32474 was published for sentry (pip) Apr 18, 2024
lluuaapp
Keycloak vulnerable to log Injection during WebAuthn authentication or registration Moderate
CVE-2023-6484 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
dhvakr
Potential log injection in reset user endpoint in CKAN Moderate
CVE-2024-27097 was published for ckan (pip) Mar 13, 2024
ZuhairORZaki
Ansible-core information disclosure flaw Moderate
CVE-2024-0690 was published for ansible-core (pip) Feb 6, 2024
Shopware's log module vulnerable to Improper Output Neutralization Low
CVE-2023-22733 was published for shopware/core (Composer) Jan 20, 2023
Yapscan's report receiver server vulnerable to path traversal and log injection High
GHSA-9h6h-9g78-86f7 was published for github.com/fkie-cad/yapscan (Go) Dec 29, 2022
tdunlap607
Gin's default logger allows unsanitized input that can allow remote attackers to inject arbitrary log lines High
CVE-2020-36567 was published for github.com/gin-gonic/gin (Go) Dec 27, 2022
Log Injection in Apache Sling Commons Log and Apache Sling API Moderate
CVE-2022-32549 was published for org.apache.sling:org.apache.sling.api (Maven) Jun 23, 2022
Improper Output Neutralization for Logs in Spring Framework Moderate
CVE-2021-22096 was published for org.springframework:spring (Maven) May 24, 2022
artanaliji
Ansible Uses Plugins That Disclose Credentials High
CVE-2019-14846 was published for ansible (pip) May 24, 2022
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible Moderate
CVE-2020-14330 was published for ansible (pip) Feb 9, 2022
Temporary urls leaked via logging Low
CVE-2017-8761 was published for swift (pip) Jun 8, 2021
Log Forging in generator-jhipster-kotlin Moderate
CVE-2020-4072 was published for generator-jhipster-kotlin (npm) Jun 25, 2020
ProTip! Advisories are also available from the GraphQL API