Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-6Q37-CP6X-MHFW

Vulnerability from github – Published: 2024-06-12 18:30 – Updated: 2024-08-07 18:30
VLAI
Details

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5908"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-12T17:15:53Z",
    "severity": "MODERATE"
  },
  "details": "A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs.",
  "id": "GHSA-6q37-cp6x-mhfw",
  "modified": "2024-08-07T18:30:39Z",
  "published": "2024-06-12T18:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5908"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2024-5908"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6Q6R-HX29-59M5

Vulnerability from github – Published: 2023-09-20 09:30 – Updated: 2024-11-18 16:26
VLAI
Details

An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5; SUSE Manager Server Module 4.3: before 4.3.58-150400.3.46.4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-22644"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1270",
      "CWE-287",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-20T09:15:12Z",
    "severity": "HIGH"
  },
  "details": "An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged.\nThis issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5; SUSE Manager Server Module 4.3: before 4.3.58-150400.3.46.4.\n\n",
  "id": "GHSA-6q6r-hx29-59m5",
  "modified": "2024-11-18T16:26:32Z",
  "published": "2023-09-20T09:30:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rancher/rancher/security/advisories/GHSA-9ghh-mmcq-8phc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22644"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22644"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22650"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6Q88-CW72-PM5W

Vulnerability from github – Published: 2026-06-25 06:30 – Updated: 2026-06-25 06:30
VLAI
Details

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8330"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T05:16:55Z",
    "severity": "MODERATE"
  },
  "details": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint.",
  "id": "GHSA-6q88-cw72-pm5w",
  "modified": "2026-06-25T06:30:42Z",
  "published": "2026-06-25T06:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8330"
    },
    {
      "type": "WEB",
      "url": "https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/599621"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6QFC-M9FP-C5RM

Vulnerability from github – Published: 2026-04-15 18:31 – Updated: 2026-04-15 18:31
VLAI
Details

In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk _internal index or possesses the high-privilege capability mcp_tool_admin could view users session and authorization tokens in clear text.

The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives.

Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See Define roles on the Splunk platform with capabilities and Connecting to MCP Server and Admin settings in the Splunk documentation for more information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-20205"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-15T16:16:34Z",
    "severity": "HIGH"
  },
  "details": "In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.\u003cbr\u003e\u003cbr\u003eThe vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. \u003cbr\u003e\u003cbr\u003eReview roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information.",
  "id": "GHSA-6qfc-m9fp-c5rm",
  "modified": "2026-04-15T18:31:57Z",
  "published": "2026-04-15T18:31:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20205"
    },
    {
      "type": "WEB",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0407"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6R5Q-XQRJ-8P7F

Vulnerability from github – Published: 2025-03-11 03:30 – Updated: 2025-03-11 03:30
VLAI
Details

SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative privileges to enable debugging trace mode with a specific parameter value. This exposes unencrypted passwords in the logs, causing a high impact on the confidentiality of the application. There is no impact on integrity or availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0071"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-11T01:15:33Z",
    "severity": "MODERATE"
  },
  "details": "SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative privileges to enable debugging trace mode with a specific parameter value. This exposes unencrypted passwords in the logs, causing a high impact on the confidentiality of the application. There is no impact on integrity or availability.",
  "id": "GHSA-6r5q-xqrj-8p7f",
  "modified": "2025-03-11T03:30:50Z",
  "published": "2025-03-11T03:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0071"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3558132"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6RJG-V5W9-9CC5

Vulnerability from github – Published: 2024-09-27 12:31 – Updated: 2026-06-02 09:36
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8609"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-27T12:15:03Z",
    "severity": "HIGH"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.",
  "id": "GHSA-6rjg-v5w9-9cc5",
  "modified": "2026-06-02T09:36:12Z",
  "published": "2024-09-27T12:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8609"
    },
    {
      "type": "WEB",
      "url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1562"
    },
    {
      "type": "WEB",
      "url": "https://www.usom.gov.tr/bildirim/tr-24-1562"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6RMF-32JH-FX45

Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-05-24 19:04
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22516"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-04T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.",
  "id": "GHSA-6rmf-32jh-fx45",
  "modified": "2022-05-24T19:04:06Z",
  "published": "2022-05-24T19:04:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22516"
    },
    {
      "type": "WEB",
      "url": "https://www.microfocus.com/documentation/secure-api-manager/2-0/release-notes-secure-api-manager-201/release-notes-secure-api-manager-201.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6VFR-P2HX-6V32

Vulnerability from github – Published: 2026-01-19 09:30 – Updated: 2026-01-21 01:03
VLAI
Summary
Apache Linkis: Password Exposure
Details

When org.apache.linkis.metadata.util.HiveUtils.decode() fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.error(str + "decode failed", e). If the input parameter contains sensitive information such as Hive Metastore keys, plaintext passwords will be left in the log files when decoding fails, resulting in information leakage.

Affected Scope Component: Sensitive fields in hive-site.xml (e.g., javax.jdo.option.ConnectionPassword) or other fields encoded in Base64. Version: Apache Linkis 1.0.0 – 1.7.0

Trigger Conditions The value of the configuration item is an invalid Base64 string. Log files are readable by users other than hive-site.xml administrators.

Severity: Low The probability of Base64 decoding failure is low. The leakage is only triggered when logs at the Error level are exposed.

Remediation Apache Linkis 1.8.0 and later versions have replaced the log with desensitized content. logger.error("URL decode failed: {}", e.getMessage()); // 不再输出 str

Users are recommended to upgrade to version 1.8.0, which fixes the issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.linkis:linkis-metadata"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.0.0"
            },
            {
              "fixed": "1.8.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-59355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-21T01:03:28Z",
    "nvd_published_at": "2026-01-19T09:16:02Z",
    "severity": "MODERATE"
  },
  "details": "When org.apache.linkis.metadata.util.HiveUtils.decode() fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.error(str + \"decode failed\", e). If the input parameter contains sensitive information such as Hive Metastore keys, plaintext passwords will be left in the log files when decoding fails, resulting in information leakage.\n\n\nAffected Scope\nComponent: Sensitive fields in hive-site.xml (e.g., javax.jdo.option.ConnectionPassword) or other fields encoded in Base64.\nVersion: Apache Linkis 1.0.0 \u2013 1.7.0\n\n\nTrigger Conditions\nThe value of the configuration item is an invalid Base64 string.\nLog files are readable by users other than hive-site.xml administrators.\n\n\nSeverity: Low\nThe probability of Base64 decoding failure is low.\nThe leakage is only triggered when logs at the Error level are exposed.\n\nRemediation\nApache Linkis 1.8.0 and later versions have replaced the log with desensitized content.\nlogger.error(\"URL decode failed: {}\", e.getMessage());   // \u4e0d\u518d\u8f93\u51fa str\n\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue.",
  "id": "GHSA-6vfr-p2hx-6v32",
  "modified": "2026-01-21T01:03:28Z",
  "published": "2026-01-19T09:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59355"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/linkis"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/4dcgmqdkk2p5y4k43ok5rgd4ylx8698h"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/75z7vhftw6w1mllndgpkfmcj0fzo4lbj"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/09/19/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Linkis: Password Exposure"
}

GHSA-6W48-6MX5-8F6C

Vulnerability from github – Published: 2024-06-27 18:31 – Updated: 2024-06-27 18:31
VLAI
Details

IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs. IBM X-Force ID: 252183.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-30430"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-27T16:15:10Z",
    "severity": "MODERATE"
  },
  "details": "IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs.  IBM X-Force ID:  252183.",
  "id": "GHSA-6w48-6mx5-8f6c",
  "modified": "2024-06-27T18:31:31Z",
  "published": "2024-06-27T18:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30430"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/252183"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7158789"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6W87-G839-9WV7

Vulnerability from github – Published: 2021-05-21 14:31 – Updated: 2021-10-05 16:35
VLAI
Summary
Helm OCI credentials leaked into Argo CD logs
Details

Impact

When Argo CD was connected to a Helm OCI repository with authentication enabled, the credentials used for accessing the remote repository were logged.

Anyone with access to the pod logs - either via access with appropriate permissions to the Kubernetes control plane or a third party log management system where the logs from Argo CD were aggregated - could have potentially obtained the credentials to the Helm OCI repository.

If you are using Helm OCI repositories with Argo CD, it is strongly recommended to upgrade Argo CD to the latest patch version and to change the credentials used to access the repositories.

Patches

A patch for this vulnerability is available with the v1.8.7 and v1.7.14 releases of Argo CD.

Workarounds

No workaround available

References

N/A

For more information

If you have any questions or comments about this advisory:

Credits

This vulnerability was found and reported by a third-party who wishes to stay anonymous. We want to thank this third-party for disclosing this vulnerability to us in a responsible manner.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/argoproj/argo-cd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.7.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/argoproj/argo-cd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.8.0"
            },
            {
              "fixed": "1.8.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T14:21:01Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nWhen Argo CD was connected to a Helm OCI repository with authentication enabled, the credentials used for accessing the remote repository were logged.\n\nAnyone with access to the pod logs - either via access with appropriate permissions to the Kubernetes control plane or a third party log management system where the logs from Argo CD were aggregated - could have potentially obtained the credentials to the Helm OCI repository.\n\nIf you are using Helm OCI repositories with Argo CD, it is strongly recommended to upgrade Argo CD to the latest patch version and to change the credentials used to access the repositories.\n\n### Patches\n\nA patch for this vulnerability is available with the v1.8.7 and v1.7.14 releases of Argo CD.\n\n### Workarounds\n\nNo workaround available\n\n### References\n\nN/A\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [the Argo CD issue tracker](https://github.com/argoproj/argo-cd/issues) or [discussions](https://github.com/argoproj/argo-cd/discussions)\n* Join us on [Slack](https://argoproj.github.io/community/join-slack) in channel `#argo-cd`\n\n### Credits\n\nThis vulnerability was found and reported by a third-party who wishes to stay anonymous. We want to thank this third-party for disclosing this vulnerability to us in a responsible manner.",
  "id": "GHSA-6w87-g839-9wv7",
  "modified": "2021-10-05T16:35:57Z",
  "published": "2021-05-21T14:31:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6w87-g839-9wv7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/argoproj/argo-cd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Helm OCI credentials leaked into Argo CD logs"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.