CVE-2021-32767: Inclusion of Sensitive Information in Log Files

July 20, 2021 (updated September 21, 2021)

TYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.

References

nvd.nist.gov/vuln/detail/CVE-2021-32767

Code Behaviors & Features

Detect and mitigate CVE-2021-32767 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →