Common Weakness Enumeration

CWE-117

Allowed

Improper Output Neutralization for Logs

Abstraction: Base · Status: Draft

The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.

193 vulnerabilities reference this CWE, most recent first.

GHSA-6R52-JCM4-48GV

Vulnerability from github – Published: 2024-05-02 21:30 – Updated: 2024-06-21 21:33
VLAI
Details

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-25047"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-02T21:16:11Z",
    "severity": "HIGH"
  },
  "details": "IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system.  IBM X-Force ID:  282956.",
  "id": "GHSA-6r52-jcm4-48gv",
  "modified": "2024-06-21T21:33:58Z",
  "published": "2024-05-02T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25047"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/282956"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0007"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7149874"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6VM3-JJ99-7229

Vulnerability from github – Published: 2022-12-27 21:30 – Updated: 2023-01-10 15:56
VLAI
Summary
Gin's default logger allows unsanitized input that can allow remote attackers to inject arbitrary log lines
Details

Gin is a HTTP web framework written in Go (Golang). Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/gin-gonic/gin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-36567"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-117"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-30T00:56:53Z",
    "nvd_published_at": "2022-12-27T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Gin is a HTTP web framework written in Go (Golang). Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.",
  "id": "GHSA-6vm3-jj99-7229",
  "modified": "2023-01-10T15:56:22Z",
  "published": "2022-12-27T21:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gin-gonic/gin/pull/2237"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/gin-gonic/gin"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2020-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Gin\u0027s default logger allows unsanitized input that can allow remote attackers to inject arbitrary log lines"
}

GHSA-735X-M7JJ-QWVP

Vulnerability from github – Published: 2023-07-11 03:30 – Updated: 2024-04-04 05:54
VLAI
Details

SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31405"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-11T03:15:09Z",
    "severity": "MODERATE"
  },
  "details": "SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.\n\n",
  "id": "GHSA-735x-m7jj-qwvp",
  "modified": "2024-04-04T05:54:26Z",
  "published": "2023-07-11T03:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31405"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3324732"
    },
    {
      "type": "WEB",
      "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-772W-G99G-GJQJ

Vulnerability from github – Published: 2026-06-24 09:30 – Updated: 2026-06-24 09:30
VLAI
Details

Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging.

This issue affects upKeeper Instant Privilege Access: through 1.6.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-24T09:16:30Z",
    "severity": "HIGH"
  },
  "details": "Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging.\n\nThis issue affects upKeeper Instant Privilege Access: through 1.6.1.",
  "id": "GHSA-772w-g99g-gjqj",
  "modified": "2026-06-24T09:30:49Z",
  "published": "2026-06-24T09:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10745"
    },
    {
      "type": "WEB",
      "url": "https://support.upkeeper.se/hc/en-us/articles/28408945088796-CVE-2026-10745-Improper-output-neutralization-for-logs"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-7856-G3GV-9WQ8

Vulnerability from github – Published: 2026-07-07 20:04 – Updated: 2026-07-07 20:04
VLAI
Summary
netfoil: Attacker controlled data written to logs
Details

Summary

Domain names were written to the log without first being validated to contain allowed characters.

Impact

Depends on how the logs were used.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/tinfoil-factory/netfoil"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.3.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-117"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-07T20:04:22Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "### Summary\nDomain names were written to the log without first being validated to contain allowed characters.\n\n### Impact\nDepends on how the logs were used.",
  "id": "GHSA-7856-g3gv-9wq8",
  "modified": "2026-07-07T20:04:22Z",
  "published": "2026-07-07T20:04:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tinfoil-factory/netfoil/security/advisories/GHSA-7856-g3gv-9wq8"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tinfoil-factory/netfoil"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "netfoil: Attacker controlled data written to logs"
}

GHSA-785X-QW4V-6872

Vulnerability from github – Published: 2022-02-09 22:00 – Updated: 2024-09-05 00:44
VLAI
Summary
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
Details

An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.10.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-14330"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-117",
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-05T16:14:01Z",
    "nvd_published_at": "2020-09-11T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.",
  "id": "GHSA-785x-qw4v-6872",
  "modified": "2024-09-05T00:44:53Z",
  "published": "2022-02-09T22:00:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14330"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/issues/68400"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/pull/69653"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-785x-qw4v-6872"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ansible/ansible"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4950"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible"
}

GHSA-7C78-RM87-5673

Vulnerability from github – Published: 2025-07-31 14:04 – Updated: 2025-10-23 17:42
VLAI
Summary
MS SWIFT WEB-UI RCE Vulnerability
Details

I. Detailed Description:

This includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please provide test accounts. If the reproduction process is complex, you may record a video, upload it to Taopan, and attach the link.

  1. Install ms-swift pip install ms-swift -U

  2. Start web-ui swift web-ui --lang en

  3. After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program

  4. Fill in necessary parameters In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture

  5. Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir

You can see the concatenated command being executed in the terminal where web-ui was started

  1. Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files

II. Vulnerability Proof (Write POC here):

/tmp/xxx'; touch /tmp/inject_success_1; #

III. Fix Solution: 1. The swift.ui.llm_train.llm_train.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend 2. The swift.ui.llm_train.llm_train.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format

Author

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ms-swift"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.7.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-41419"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-31T14:04:24Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "**I. Detailed Description:** \n\nThis includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please provide test accounts. If the reproduction process is complex, you may record a video, upload it to Taopan, and attach the link.\n\n1. Install ms-swift\n   ```\n   pip install ms-swift -U\n   ```\n\n2. Start web-ui\n   ```\n   swift web-ui --lang en\n   ```\n\n3. After startup, access through browser at [http://localhost:7860/](http://localhost:7860/) to see the launched fine-tuning framework program\n\n4. Fill in necessary parameters\n   In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture\n\n5. Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir\n\n   You can see the concatenated command being executed in the terminal where web-ui was started\n\n6. Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files\n\n**II. Vulnerability Proof (Write POC here):**\n```\n/tmp/xxx\u0027; touch /tmp/inject_success_1; #\n```\n\n**III. Fix Solution:**\n1. The swift.ui.llm_train.llm_train.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend\n2. The swift.ui.llm_train.llm_train.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format\n\n## Author\n\n* Discovered by: [TencentAISec](https://github.com/TencentAISec)\n* Contact: *[security@tencent.com](mailto:security@tencent.com)*",
  "id": "GHSA-7c78-rm87-5673",
  "modified": "2025-10-23T17:42:54Z",
  "published": "2025-07-31T14:04:24Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/security/advisories/GHSA-7c78-rm87-5673"
    },
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/commit/32f09e9b0a44f19d44210e2b5b47c58ab01740e1"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/modelscope/ms-swift"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "MS SWIFT WEB-UI RCE Vulnerability"
}

GHSA-7CHF-CHRH-74Q7

Vulnerability from github – Published: 2024-03-26 15:30 – Updated: 2024-03-26 15:30
VLAI
Details

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user. IBM X-Force ID: 280893.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-22356"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-117"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-26T15:15:48Z",
    "severity": "MODERATE"
  },
  "details": "IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user.  IBM X-Force ID:  280893.",
  "id": "GHSA-7chf-chrh-74q7",
  "modified": "2024-03-26T15:30:51Z",
  "published": "2024-03-26T15:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22356"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/280893"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7145144"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7CP7-JFP6-JH4F

Vulnerability from github – Published: 2023-01-20 17:33 – Updated: 2023-01-25 17:57
VLAI
Summary
Shopware's log module vulnerable to Improper Output Neutralization
Details

Impact

The log module contains all kind of sent mails. It is possible to see the password reset email of customers and admin users to gain probably more access.

Patches

Update to the latest 6.4.18.1 version.

Workarounds

  • For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
  • Remove from all users the log module ACL rights
  • Disable logging

References

https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.4.18.0"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "shopware/platform"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.4.18.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.4.18.0"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "shopware/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.4.18.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-22733"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117",
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-20T17:33:54Z",
    "nvd_published_at": "2023-01-17T22:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\n\nThe log module contains all kind of sent mails. It is possible to see the password reset email of customers and admin users to gain probably more access.\n\n### Patches\nUpdate to the latest 6.4.18.1 version.\n\n### Workarounds\n- For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. \n- Remove from all users the log module ACL rights\n- [Disable logging](https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging)\n\n### References\nhttps://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates\n\n\n",
  "id": "GHSA-7cp7-jfp6-jh4f",
  "modified": "2023-01-25T17:57:42Z",
  "published": "2023-01-20T17:33:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22733"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07"
    },
    {
      "type": "WEB",
      "url": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging"
    },
    {
      "type": "WEB",
      "url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/shopware/platform"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Shopware\u0027s log module vulnerable to Improper Output Neutralization"
}

GHSA-7CX2-G3H9-382P

Vulnerability from github – Published: 2026-06-16 21:02 – Updated: 2026-06-16 21:02
VLAI
Summary
Crawl4AI: Arbitrary file write (symlink/TOCTOU) plus log and webhook-header injection in Docker server
Details

Summary

Three backward-compatible hardening fixes in the Docker API server. The headline issue is an arbitrary file write via the screenshot/PDF output_path.

1. Arbitrary file write via output_path symlink / TOCTOU (primary)

POST /screenshot and POST /pdf accept an output_path constrained to ALLOWED_OUTPUT_DIR by validate_output_path. The 0.8.7 check was string-only: it did not resolve symlinks, so a symlinked path component inside the output directory could redirect the write outside the directory, and the final open() followed symlinks. On a deployment where the runtime user can write executable/cron locations this is an arbitrary-write to code-execution primitive. The API is unauthenticated by default.

Fix: validate_output_path now resolves the real path (symlinks) of the parent and re-checks containment, and the write uses O_NOFOLLOW (write_output_file). output_path remains supported.

2. CRLF log injection (CWE-117)

User-controlled URLs/errors reflected into log lines could embed CR/LF and forge additional log entries. Fix: a logging filter strips CR/LF/control characters from all records.

3. Webhook request-header injection (CWE-93/CWE-113)

User-supplied webhook headers were sent verbatim, allowing CRLF and hop-by-hop / sensitive header injection on the outbound webhook request. Fix: webhook headers are validated (name pattern, no control characters, deny Host/Content-Length/Transfer-Encoding/Authorization/Cookie/...), with early request-time rejection.

Impact

Arbitrary file write (potential code execution) for #1; log forging for #2; request smuggling / header injection on outbound webhooks for #3.

Workarounds

  • Upgrade to the patched version.
  • Enable authentication (CRAWL4AI_API_TOKEN).
  • Run the container with a read-only root filesystem.

Credits

Internal security audit (Crawl4AI maintainers).

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.8.7"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "crawl4ai"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-117",
      "CWE-22",
      "CWE-59",
      "CWE-93"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-16T21:02:19Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\n\nThree backward-compatible hardening fixes in the Docker API server. The headline issue is an arbitrary file write via the screenshot/PDF `output_path`.\n\n### 1. Arbitrary file write via output_path symlink / TOCTOU (primary)\n\n`POST /screenshot` and `POST /pdf` accept an `output_path` constrained to `ALLOWED_OUTPUT_DIR` by `validate_output_path`. The 0.8.7 check was string-only: it did not resolve symlinks, so a symlinked path component inside the output directory could redirect the write outside the directory, and the final `open()` followed symlinks. On a deployment where the runtime user can write executable/cron locations this is an arbitrary-write to code-execution primitive. The API is unauthenticated by default.\n\nFix: `validate_output_path` now resolves the real path (symlinks) of the parent and re-checks containment, and the write uses `O_NOFOLLOW` (`write_output_file`). `output_path` remains supported.\n\n### 2. CRLF log injection (CWE-117)\n\nUser-controlled URLs/errors reflected into log lines could embed CR/LF and forge additional log entries. Fix: a logging filter strips CR/LF/control characters from all records.\n\n### 3. Webhook request-header injection (CWE-93/CWE-113)\n\nUser-supplied webhook headers were sent verbatim, allowing CRLF and hop-by-hop / sensitive header injection on the outbound webhook request. Fix: webhook headers are validated (name pattern, no control characters, deny `Host`/`Content-Length`/`Transfer-Encoding`/`Authorization`/`Cookie`/...), with early request-time rejection.\n\n### Impact\n\nArbitrary file write (potential code execution) for #1; log forging for #2; request smuggling / header injection on outbound webhooks for #3.\n\n### Workarounds\n\n- Upgrade to the patched version.\n- Enable authentication (`CRAWL4AI_API_TOKEN`).\n- Run the container with a read-only root filesystem.\n\n### Credits\n\nInternal security audit (Crawl4AI maintainers).",
  "id": "GHSA-7cx2-g3h9-382p",
  "modified": "2026-06-16T21:02:19Z",
  "published": "2026-06-16T21:02:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/unclecode/crawl4ai/security/advisories/GHSA-7cx2-g3h9-382p"
    },
    {
      "type": "WEB",
      "url": "https://github.com/unclecode/crawl4ai/issues/1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/unclecode/crawl4ai/issues/2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/unclecode/crawl4ai/pull/3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/unclecode/crawl4ai"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Crawl4AI: Arbitrary file write (symlink/TOCTOU) plus log and webhook-header injection in Docker server"
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-30
Implementation

Strategy: Output Encoding

Use and specify an output encoding that can be handled by the downstream component that is reading the output. Common encodings include ISO-8859-1, UTF-7, and UTF-8. When an encoding is not specified, a downstream component may choose a different encoding, either by assuming a default encoding or automatically inferring which encoding is being used, which can be erroneous. When the encodings are inconsistent, the downstream component might treat some character or byte sequences as special, even if they are not special in the original encoding. Attackers might then be able to exploit this discrepancy and conduct injection attacks; they even might be able to bypass protection mechanisms that assume the original encoding is also being used by the downstream component.

Mitigation MIT-20
Implementation

Strategy: Input Validation

Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

CAPEC-268: Audit Log Manipulation

The attacker injects, manipulates, deletes, or forges malicious log entries into the log file, in an attempt to mislead an audit of the log file or cover tracks of an attack. Due to either insufficient access controls of the log files or the logging mechanism, the attacker is able to perform such actions.

CAPEC-81: Web Server Logs Tampering

Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.

CAPEC-93: Log Injection-Tampering-Forging

This attack targets the log files of the target host. The attacker injects, manipulates or forges malicious log entries in the log file, allowing them to mislead a log audit, cover traces of attack, or perform other malicious actions. The target host is not properly controlling log access. As a result tainted data is resulting in the log files leading to a failure in accountability, non-repudiation and incident forensics capability.