Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-02 | CVE-2017-18423 | Information Exposure Through Log Files vulnerability in Cpanel In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). | 3.3 |
| 2019-08-02 | CVE-2017-18412 | Information Exposure Through Log Files vulnerability in Cpanel cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296). | 2.5 |
| 2019-08-01 | CVE-2016-10819 | Information Exposure Through Log Files vulnerability in Cpanel In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125). | 6.5 |
| 2019-07-31 | CVE-2019-10364 | Information Exposure Through Log Files vulnerability in Jenkins EC2 Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log. | 5.5 |
| 2019-07-31 | CVE-2019-10358 | Information Exposure Through Log Files vulnerability in Jenkins Maven Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log. | 6.5 |
| 2019-07-31 | CVE-2019-10343 | Information Exposure Through Log Files vulnerability in Jenkins Configuration AS Code Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied. | 3.3 |
| 2019-07-30 | CVE-2019-10165 | Information Exposure Through Log Files vulnerability in Redhat Openshift Container Platform OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. | 2.3 |
| 2019-07-26 | CVE-2019-0202 | Information Exposure Through Log Files vulnerability in Apache Storm The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. | 7.5 |
| 2019-07-25 | CVE-2019-14268 | Information Exposure Through Log Files vulnerability in Octopus Deploy In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user (in certain limited circumstances) could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. | 6.5 |
| 2019-07-23 | CVE-2019-11273 | Information Exposure Through Log Files vulnerability in Pivotal Software Pivotal Container Service Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. | 4.3 |