-
epugh updated
3 weeks ago
-
**Description:**
The current implementation in `pages/api/validate-admin-jwt.ts` logs the JWT contents when a JWT fails validation. This poses a risk of sensitive data exposure, as JWTs often contain…
-
**In what version(s) of Spring Integration are you seeing this issue?**
Spring integration 6.2.1
**Describe the bug**
While playing around with a SMB outbound gateway, I encountered it may log …
-
A customer is complaining that username and password can be found in clear text in memory even after the user has logged out.
-
my social security number
my phone number
~~my home address~~ GONE
my cc number
-
**Kibana version:**
8.6.2
**Elasticsearch version:**
8.6.2
**Server OS version:**
**Browser version:**
**Browser OS version:**
**Original install method (e.g. download page, yum, from s…
-
application-dev.yml 中包含敏感信息 access-key-id,access-key-secret,
建议 删除(如果只是修改,历史记录中仍然会存在)
或者
在阿里云删除此 key 并换用新 key(如果不熟悉 git 的话)
同时建议在 .gitignore 文件中添加 *.yml 从而忽略 application-dev.yml 文件
-
https://cwe.mitre.org/data/definitions/214 Invocation of Process Using Visible Sensitive Information
A process is invoked with sensitive command-line arguments, environment variables, or other el…
-
I'd like to capture sensitive data in my test and I do not want it to show up in the reports
Is that possible ?
Actual example
```
POST {{URL}}:/token
{
"login": "{{LOGIN}}",
"passwo…
-
Lucas Smith,(123) 456-7890,123 Main St,01/01/1980