Total
863 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28236 | 2024-11-21 | 7.7 High | ||
| Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Vela pipelines can use variable substitution combined with insensitive fields like `parameters`, `image` and `entrypoint` to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block. This unexpected behavior primarily impacts secrets restricted by the "no commands" option. This can lead to unintended use of the secret value, and increased risk of exposing the secret during image execution bypassing log masking. **To exploit this** the pipeline author must be supplying the secrets to a plugin that is designed in such a way that will print those parameters in logs. Plugin parameters are not designed for sensitive values and are often intentionally printed throughout execution for informational/debugging purposes. Parameters should therefore be treated as insensitive. While Vela provides secrets masking, secrets exposure is not entirely solved by the masking process. A docker image (plugin) can easily expose secrets if they are not handled properly, or altered in some way. There is a responsibility on the end-user to understand how values injected into a plugin are used. This is a risk that exists for many CICD systems (like GitHub Actions) that handle sensitive runtime variables. Rather, the greater risk is that users who restrict a secret to the "no commands" option and use image restriction can still have their secret value exposed via substitution tinkering, which turns the image and command restrictions into a false sense of security. This issue has been addressed in version 0.23.2. Users are advised to upgrade. Users unable to upgrade should not provide sensitive values to plugins that can potentially expose them, especially in `parameters` that are not intended to be used for sensitive values, ensure plugins (especially those that utilize shared secrets) follow best practices to avoid logging parameters that are expected to be sensitive, minimize secrets with `pull_request` events enabled, as this allows users to change pipeline configurations and pull in secrets to steps not typically part of the CI process, make use of the build approval setting, restricting builds from untrusted users, and limit use of shared secrets, as they are less restrictive to access by nature. | ||||
| CVE-2024-28072 | 2024-11-21 | 5.7 Medium | ||
| A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly. | ||||
| CVE-2024-27784 | 1 Fortinet | 1 Fortiaiops | 2024-11-21 | 8.3 High |
| Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in FortiAIOps version 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files. | ||||
| CVE-2024-27157 | 2024-11-21 | 6.8 Medium | ||
| The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. | ||||
| CVE-2024-27156 | 2024-11-21 | 6.8 Medium | ||
| The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. | ||||
| CVE-2024-27154 | 2024-11-21 | 6.2 Medium | ||
| Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected products/models/versions, see the reference URL. | ||||
| CVE-2024-27097 | 2024-11-21 | 4.3 Medium | ||
| A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupt the log file format. This has been fixed in the CKAN versions 2.9.11 and 2.10.4. Users are advised to upgrade. Users unable to upgrade should override the `/user/reset` endpoint to filter the `id` parameter in order to exclude newlines. | ||||
| CVE-2024-25957 | 2024-11-21 | 4.8 Medium | ||
| Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync application with elevated privileges. | ||||
| CVE-2024-25923 | 2024-11-21 | 5.3 Medium | ||
| Insertion of Sensitive Information into Log File vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.2.7.0. | ||||
| CVE-2024-25095 | 1 Codeparrots | 1 Easy Forms For Mailchimp | 2024-11-21 | 7.5 High |
| Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through 6.9.0. | ||||
| CVE-2024-25030 | 2024-11-21 | 6.2 Medium | ||
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281677. | ||||
| CVE-2024-24939 | 1 Jetbrains | 1 Rider | 2024-11-21 | 3.3 Low |
| In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible | ||||
| CVE-2024-23840 | 1 Goreleaser | 1 Goreleaser | 2024-11-21 | 5.5 Medium |
| GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. `goreleaser release --debug` log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0. | ||||
| CVE-2024-23791 | 1 Otrs | 1 Otrs | 2024-11-21 | 4.9 Medium |
| Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1. | ||||
| CVE-2024-23760 | 1 Gambio | 1 Gambio | 2024-11-21 | 2.7 Low |
| Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot. | ||||
| CVE-2024-23758 | 2024-11-21 | 7.5 High | ||
| An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information via the Enterprise ManagementInstaller_msi.log file. | ||||
| CVE-2024-23686 | 1 Owasp | 1 Dependency-check | 2024-11-21 | 5.3 Medium |
| DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file. | ||||
| CVE-2024-23448 | 1 Elastic | 1 Apm Server | 2024-11-21 | 5.7 Medium |
| An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs. | ||||
| CVE-2024-22464 | 1 Dell | 1 Emc Appsync | 2024-11-21 | 6.2 Medium |
| Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | ||||
| CVE-2024-22440 | 2024-11-21 | 6.8 Medium | ||
| A potential security vulnerability has been identified in HPE Compute Scale-up Server 3200 server. This vulnerability could cause disclosure of sensitive information in log files. | ||||