OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read...

OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to d...

In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts. As the email is provided by a user and the api is public this can be used by an attacker to forg...

Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. This issue affects MongoDB Server v3.6 versions prior to 3.6...

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that...

Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially...