CVE-2025-2877: Unmasked Dict Pformat Log
Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | Python
greprules fetch cve-2025-2877-unmasked-dict-pformat-log --engine opengrep

Description
A dictionary is formatted using `pformat` and logged within an exception handler. If the dictionary contains sensitive data such as credentials or tokens, it must be explicitly masked before formatting to prevent information disclosure in application logs.
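
The flagged pattern and its masked counterpart, shown side by side as an added example that is not taken from the rule or from any affected project. `mask_sensitive`, the key-name pattern, `connect` and the sample settings are assumptions constructed for illustration.

```python
import io
import logging
import re
from pprint import pformat

# Assumed key-name pattern; extend it to cover the secrets your application handles.
SENSITIVE_KEY = re.compile(r"passw(or)?d|secret|token|api[_-]?key|authorization|credential", re.I)
MASK = "********"

def mask_sensitive(value):
    """Return a copy of value with sensitive dict entries replaced by MASK (recurses into dicts, lists, tuples)."""
    if isinstance(value, dict):
        return {k: MASK if SENSITIVE_KEY.search(str(k)) else mask_sensitive(v)
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        items = [mask_sensitive(v) for v in value]
        return items if isinstance(value, list) else tuple(items)
    return value

def connect(settings):
    # Hypothetical stand-in for a call that fails while holding credentials.
    raise ConnectionError("connection refused")

def run(settings, logger, masked):
    try:
        connect(settings)
    except ConnectionError:
        if masked:
            logger.error("connect failed with settings:\n%s", pformat(mask_sensitive(settings)))
        else:
            # Pattern the rule describes: the raw dict is formatted straight into the log.
            logger.error("connect failed with settings:\n%s", pformat(settings))

def captured_log(settings, masked):
    """Run the handler against an in-memory log stream and return what was written."""
    stream = io.StringIO()
    logger = logging.getLogger(f"demo.masked_{masked}")
    logger.handlers = [logging.StreamHandler(stream)]
    logger.propagate = False
    run(settings, logger, masked)
    return stream.getvalue()

# Constructed sample input; none of these values are real.
SAMPLE = {"host": "db.example.internal", "password": "hunter2-constructed",
          "extra": {"api_key": "k-constructed", "timeout": 5},
          "headers": [{"Authorization": "Bearer constructed"}]}

if __name__ == "__main__":
    print(captured_log(SAMPLE, False), captured_log(SAMPLE, True), sep="\n")
```

Masking returns a new structure, so the caller's dictionary is left intact for the code that still needs the real credentials.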