Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fortify Issue: Log Forging #307

Open
cmheazel opened this issue Jan 17, 2018 · 2 comments
Open

Fortify Issue: Log Forging #307

cmheazel opened this issue Jan 17, 2018 · 2 comments
Assignees
@bpross-52n @cmheazel
Labels
enhancement
Projects
CITE

Comments

@cmheazel
Copy link
Contributor

Log forging is a vulnerability where a user can write unvalidated content to the log. This is a specific instance of the larger issue of user input validation. Fixes to this issue may also address other issues such as Path Manipulation.
@cmheazel cmheazel self-assigned this Jan 17, 2018
@dstenger dstenger added this to In progress in CITE Apr 11, 2019
@dstenger dstenger moved this from In progress to To do in CITE Jan 7, 2020
@dstenger dstenger mentioned this issue Apr 14, 2022
Merged
@dstenger dstenger moved this from To do to In progress in CITE Apr 14, 2022
@dstenger
Copy link
Contributor

@bpross-52n Can you please check if this issue is solved by #515?

@bpross-52n
Copy link
Contributor

Even though the branch for #515 has this issue number in it, the pull request only fortifies against path manipulation. So log forging is not prevented by #515.

@dstenger dstenger moved this from In progress to To do in CITE May 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bpross-52n bpross-52n

@cmheazel cmheazel

Labels
enhancement
Projects
CITE
  
To do
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dstenger @lgoltz @bpross-52n @cmheazel