CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1742 vulnerabilities reference this CWE, most recent first.
GHSA-RR7J-V2Q5-CHGV
Vulnerability from github – Published: 2026-04-16 01:20 – Updated: 2026-04-24 20:52Summary
The LangSmith SDK's output redaction controls (hideOutputs in JS, hide_outputs in Python) do not apply to streaming token events. When an LLM run produces streaming output, each chunk is recorded as a new_token event containing the raw token value. These events bypass the redaction pipeline entirely — prepareRunCreateOrUpdateInputs (JS) and _hide_run_outputs (Python) only process the inputs and outputs fields on a run, never the events array. As a result, applications relying on output redaction to prevent sensitive LLM output from being stored in LangSmith will still leak the full streamed content via run events.
Details
Both JS and Python SDKs are affected. The same pattern exists in both:
- JS SDK:
traceable.ts:997-1003andtraceable.ts:1044-1050 - Python SDK:
run_helpers.py:1924andrun_helpers.py:1996
In both SDKs, new_token events with raw kwargs.token values are added during streaming, and the redaction pipeline (hideOutputs in JS, hide_outputs in Python) only processes inputs/outputs — never events.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.5.18"
},
"package": {
"ecosystem": "npm",
"name": "langsmith"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.19"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.7.30"
},
"package": {
"ecosystem": "PyPI",
"name": "langsmith"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.31"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41182"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-359",
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-16T01:20:37Z",
"nvd_published_at": "2026-04-23T02:16:16Z",
"severity": "MODERATE"
},
"details": "## Summary\n\nThe LangSmith SDK\u0027s output redaction controls (hideOutputs in JS, hide_outputs in Python) do not apply to streaming token events. When an LLM run produces streaming output, each chunk is recorded as a new_token event containing the raw token value. These events bypass the redaction pipeline entirely \u2014 prepareRunCreateOrUpdateInputs (JS) and _hide_run_outputs (Python) only process the inputs and outputs fields on a run, never the events array. As a result, applications relying on output redaction to prevent sensitive LLM output from being stored in LangSmith will still leak the full streamed content via run events.\n\n## Details\n\n**Both JS and Python SDKs are affected.** The same pattern exists in both:\n\n- **JS SDK**: `traceable.ts:997-1003` and `traceable.ts:1044-1050`\n- **Python SDK**: `run_helpers.py:1924` and `run_helpers.py:1996`\n\nIn both SDKs, `new_token` events with raw `kwargs.token` values are added during streaming, and the redaction pipeline (`hideOutputs` in JS, `hide_outputs` in Python) only processes `inputs`/`outputs` \u2014 never `events`.",
"id": "GHSA-rr7j-v2q5-chgv",
"modified": "2026-04-24T20:52:13Z",
"published": "2026-04-16T01:20:37Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/langchain-ai/langsmith-sdk/security/advisories/GHSA-rr7j-v2q5-chgv"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41182"
},
{
"type": "PACKAGE",
"url": "https://github.com/langchain-ai/langsmith-sdk"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "LangSmith SDK: Streaming token events bypass output redaction"
}
GHSA-RRMF-6VF5-86V9
Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30A vulnerability exists in FlashBlade whereby sensitive information may be logged under specific conditions.
{
"affected": [],
"aliases": [
"CVE-2026-0207"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T18:16:41Z",
"severity": "HIGH"
},
"details": "A vulnerability exists in FlashBlade whereby sensitive information may be logged under specific conditions.",
"id": "GHSA-rrmf-6vf5-86v9",
"modified": "2026-04-14T18:30:36Z",
"published": "2026-04-14T18:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0207"
},
{
"type": "WEB",
"url": "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-RVVF-GHR3-J46W
Vulnerability from github – Published: 2025-10-15 18:31 – Updated: 2025-10-15 18:31A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials.
{
"affected": [],
"aliases": [
"CVE-2025-20329"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-15T17:15:48Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative\u0026nbsp;credentials.\n\nThis vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII).\nNote: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials.",
"id": "GHSA-rvvf-ghr3-j46w",
"modified": "2025-10-15T18:31:51Z",
"published": "2025-10-15T18:31:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20329"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-inf-disc-qGgsbxAm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RX84-4W3Q-488H
Vulnerability from github – Published: 2024-03-25 06:30 – Updated: 2024-03-25 06:30Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows
local users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.
{
"affected": [],
"aliases": [
"CVE-2022-36407"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-25T06:15:08Z",
"severity": "CRITICAL"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows \n\nlocal users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.\n\n",
"id": "GHSA-rx84-4w3q-488h",
"modified": "2024-03-25T06:30:24Z",
"published": "2024-03-25T06:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36407"
},
{
"type": "WEB",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2024/2022_313.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RXMX-452F-CRQ3
Vulnerability from github – Published: 2025-11-11 18:30 – Updated: 2025-11-11 18:30Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
{
"affected": [],
"aliases": [
"CVE-2025-62209"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-11T18:15:48Z",
"severity": "MODERATE"
},
"details": "Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.",
"id": "GHSA-rxmx-452f-crq3",
"modified": "2025-11-11T18:30:23Z",
"published": "2025-11-11T18:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62209"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62209"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RXVW-FJR2-PCJP
Vulnerability from github – Published: 2022-05-14 01:11 – Updated: 2022-05-14 01:11The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a local user to obtain sensitive from the KMS plugin container log. IBM X-Force ID: 158348.
{
"affected": [],
"aliases": [
"CVE-2019-4143"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-08T15:29:00Z",
"severity": "MODERATE"
},
"details": "The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a local user to obtain sensitive from the KMS plugin container log. IBM X-Force ID: 158348.",
"id": "GHSA-rxvw-fjr2-pcjp",
"modified": "2022-05-14T01:11:03Z",
"published": "2022-05-14T01:11:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-4143"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158348"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10878180"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/107849"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V2JV-C66V-HQHV
Vulnerability from github – Published: 2024-03-08 03:31 – Updated: 2026-04-02 21:31A privacy issue was addressed by not logging contents of text fields. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to view Mail data.
{
"affected": [],
"aliases": [
"CVE-2024-23242"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-08T02:15:48Z",
"severity": "LOW"
},
"details": "A privacy issue was addressed by not logging contents of text fields. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to view Mail data.",
"id": "GHSA-v2jv-c66v-hqhv",
"modified": "2026-04-02T21:31:37Z",
"published": "2024-03-08T03:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23242"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120893"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120895"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214081"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214084"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214081"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214084"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V2QH-F584-6HJ8
Vulnerability from github – Published: 2024-11-05 17:34 – Updated: 2024-11-05 21:37Impact
Refresh tokens are logged to the console when the disabled by default debug flag, is enabled.
Patches
Patched in https://github.com/workos/authkit-remix/releases/tag/v0.4.1
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@workos-inc/authkit-remix"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-51753"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-05T17:34:47Z",
"nvd_published_at": "2024-11-05T20:15:15Z",
"severity": "LOW"
},
"details": "### Impact\nRefresh tokens are logged to the console when the disabled by default `debug` flag, is enabled.\n\n### Patches\nPatched in [https://github.com/workos/authkit-remix/releases/tag/v0.4.1](https://github.com/workos/authkit-remix/releases/tag/v0.4.1)",
"id": "GHSA-v2qh-f584-6hj8",
"modified": "2024-11-05T21:37:20Z",
"published": "2024-11-05T17:34:47Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/workos/authkit-remix/security/advisories/GHSA-v2qh-f584-6hj8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51753"
},
{
"type": "WEB",
"url": "https://github.com/workos/authkit-remix/commit/32d5bcd54c795c1e2a3204f8e3977ab9ad57ec06"
},
{
"type": "PACKAGE",
"url": "https://github.com/workos/authkit-remix"
},
{
"type": "WEB",
"url": "https://github.com/workos/authkit-remix/releases/tag/v0.4.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled"
}
GHSA-V36X-X4CV-7VR2
Vulnerability from github – Published: 2023-05-04 21:30 – Updated: 2025-10-22 00:32Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.
{
"affected": [],
"aliases": [
"CVE-2023-21492"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-04T21:15:10Z",
"severity": "MODERATE"
},
"details": "Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.",
"id": "GHSA-v36x-x4cv-7vr2",
"modified": "2025-10-22T00:32:44Z",
"published": "2023-05-04T21:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21492"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=05"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21492"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V38P-4R5V-PVCQ
Vulnerability from github – Published: 2022-05-17 02:47 – Updated: 2025-04-20 03:36On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
{
"affected": [],
"aliases": [
"CVE-2017-8074"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-23T16:59:00Z",
"severity": "CRITICAL"
},
"details": "On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from \"SEND data\" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.",
"id": "GHSA-v38p-4r5v-pvcq",
"modified": "2025-04-20T03:36:32Z",
"published": "2022-05-17T02:47:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8074"
},
{
"type": "WEB",
"url": "https://chmod750.com/2017/04/23/vulnerability-disclosure-tp-link"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97981"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.