CWE-117
Medium likelihoodImproper Output Neutralization for Logs
The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.
93 vulnerabilities with CWE-117
CVE-2022-32549
MEDIUM
Apache Sling Commons Log <= 5.4.0 & Apache Sling API <= 2.25.0 - Co...
CVSS 5.3
CVE-2022-22151
HIGH
Yokogawa Electric - Info Disclosure
CVSS 8.1
CVE-2021-23266
MEDIUM
Log Viewer - Info Disclosure
CVSS 4.3
CVE-2021-43410
MEDIUM
Apache Airavata Django Portal <3c5d8c7 - Log Injection
CVSS 5.3
CVE-2021-42250
MEDIUM
Apache Superset - Info Disclosure
CVSS 6.5
CVE-2021-22096
MEDIUM
Spring Framework <5.3.11-<5.2.18 - Info Disclosure
CVSS 4.3
CVE-2021-20333
MEDIUM
MongoDB <3.6.20, <4.0.21, <4.2.10 - Info Disclosure
CVSS 5.3
CVE-2020-25646
HIGH
Ansible Collection community.crypto - Info Disclosure
CVSS 7.5
CVE-2020-11644
MEDIUM
Br-automation Gatemanager 9250 Firmware - Information Disclosure
CVSS 6.5
CVE-2020-14332
MEDIUM
Redhat Ansible Engine < 2.8.14 - Log Information Exposure
CVSS 5.5
CVE-2020-4072
MEDIUM
generator-jhipster-kotlin <1.7.0 - Info Disclosure
CVSS 5.3
CVE-2019-14854
MEDIUM
Redhat Openshift Container Platform - Log Information Exposure
CVSS 6.5
CVE-2019-14864
MEDIUM
Redhat Ansible < 2.7.15 - Log Information Exposure
CVSS 6.5
CVE-2019-10213
MEDIUM
OpenShift Container Platform 4.1-4.2 - Info Disclosure
CVSS 6.5
CVE-2019-14858
MEDIUM
Redhat Ansible Engine < 2.8.0 - Log Information Exposure
CVSS 5.5
CVE-2019-14846
HIGH
Redhat Ansible Engine < 2.6.20 - Log Information Exposure
CVSS 7.8
CVE-2018-10932
MEDIUM
Intel Lldptool < 1.0.1 - Memory Corruption
CVSS 4.3
CVE-2015-10011
MEDIUM
OpenDNS OpenResolve - Info Disclosure
CVSS 4.6
Details
Vulnerabilities
93
Exploit Likelihood
Medium