Falhas do tipo CWE-117

98 resultados
CVE-2019-14854MEDIUMOpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to DebEPSS 0.8%CVE-2026-25548CRITICALInvoicePlane Vulnerable to Remote Code Execution via Local File Inclusion and Log PoisoningEPSS 0.8%CVE-2022-22151CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versiEPSS 0.8%CVE-2024-9606HIGHImproper Output Neutralization for Logs in berriai/litellmEPSS 0.7%CVE-2025-27111MEDIUMEscape Sequence Injection vulnerability in Rack lead to Possible Log InjectionEPSS 0.7%CVE-2024-29022HIGHSession Hijacking via XSS attack in header and session grid in Xibo CMSEPSS 0.7%CVE-2023-46322iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alpEPSS 0.7%CVE-2023-46321iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usEPSS 0.7%CVE-2024-25047HIGHIBM Cognos Analytics log injectionEPSS 0.6%CVE-2025-48432MEDIUMAn issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escapeEPSS 0.6%CVE-2024-1681MEDIUMLog Injection Vulnerability in corydolphin/flask-corsEPSS 0.6%CVE-2024-0095MEDIUMCVEEPSS 0.5%CVE-2024-22356MEDIUMIBM App Connect Enterprise and IBM Integration Bus for z/OS information disclosureEPSS 0.5%CVE-2024-8297MEDIUMkitsada8621 Digital Library Management System jwt_refresh_token_middleware.go JwtRefreshAuth neutralization for logsEPSS 0.5%CVE-2025-54656MEDIUMApache Struts Extras: Improper Output Neutralization for LogsEPSS 0.5%CVE-2021-23266MEDIUMImproper Output Neutralization for Logs in Crafter StudioEPSS 0.5%CVE-2019-14846HIGHIn Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG EPSS 0.5%CVE-2024-9026LOWPHP-FPM logs from children may be alteredEPSS 0.5%CVE-2023-46713MEDIUMAn improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may alEPSS 0.5%CVE-2024-8334MEDIUMmaster-nan Sweet-CMS log.go LogHandler neutralization for logsEPSS 0.5%