Fallos del tipo CWE-117

98 resultados
CVE-2021-43410airavata-django-portal allows CRLF log injection because of the lack of escaping in the log statementsEPSS 2.4%CVE-2022-32549log injection in Sling loggingEPSS 2.2%CVE-2019-14864MEDIUMAnsible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it EPSS 1.9%CVE-2021-42250Possible log injectionEPSS 1.8%CVE-2024-47083HIGHPower Platform Terraform Provider has Improper Masking of Secrets in LogsEPSS 1.5%CVE-2020-25646HIGHA flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidenEPSS 1.4%CVE-2021-20333MEDIUMServer log entry spoofing via newline injectionEPSS 1.3%CVE-2021-22096In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious EPSS 1.3%CVE-2020-4072MEDIUMLog Forging in generator-jhipster-kotlinEPSS 1.2%CVE-2025-54813MEDIUMApache Log4cxx: Improper escaping with JSONLayoutEPSS 1.2%CVE-2020-11644MEDIUMGateManager Audit Message Spoofing VulnerabilityEPSS 1.2%CVE-2025-25184MEDIUMPossible Log Injection in Rack::CommonLoggerEPSS 1.1%CVE-2025-54812LOWApache Log4cxx: Improper HTML escaping in HTMLLayoutEPSS 1.1%CVE-2018-10932MEDIUMlldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allEPSS 1.0%CVE-2023-39461MEDIUMTriangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write VulnerabilityEPSS 1.0%CVE-2023-6484MEDIUMKeycloak: log injection during webauthn authentication or registrationEPSS 1.0%CVE-2019-10213MEDIUMOpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operatorEPSS 1.0%CVE-2024-0987MEDIUMSichuan Yougou Technology KuERP log neutralization for logsEPSS 0.9%CVE-2015-10011MEDIUMOpenDNS OpenResolve endpoints.py neutralization for logsEPSS 0.9%CVE-2026-34478MEDIUMApache Log4j Core: Log injection in Rfc5424Layout due to silent configuration incompatibilityEPSS 0.8%