Vulnerabilities > Improper Output Neutralization for Logs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-07 | CVE-2019-14854 | Improper Output Neutralization for Logs vulnerability in Redhat Openshift Container Platform 4.1/4.2 OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. | 6.5 |
| 2020-01-02 | CVE-2019-14864 | Improper Output Neutralization for Logs vulnerability in multiple products Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. | 6.5 |
| 2019-11-25 | CVE-2019-10213 | Improper Output Neutralization for Logs vulnerability in Redhat Openshift Container Platform 4.1/4.2 OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. | 6.5 |
| 2019-10-08 | CVE-2019-14846 | Improper Output Neutralization for Logs vulnerability in multiple products In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. | 7.8 |
| 2018-08-21 | CVE-2018-10932 | Improper Output Neutralization for Logs vulnerability in Intel Lldptool lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. | 4.3 |