CVE-2021-34797: Insertion of Sensitive Information into Log File

January 4, 2022 (updated January 12, 2022)

Apache Geode is vulnerable to log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords.

References

lists.apache.org/thread/nq2w9gjzm1cjx1rh6zw41ty39qw7qpx4
lists.apache.org/thread/p4l0g49rzzzpn8yt9q9p0xp52h3zmsmk
nvd.nist.gov/vuln/detail/CVE-2021-34797

Code Behaviors & Features

Detect and mitigate CVE-2021-34797 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →