CVE-2025-49009: Plaintext Log Access Token

A sensitive access or authentication token is logged in cleartext. Mask the token string before logging it.

Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0

Java^β

greprules fetch cve-2025-49009-plaintext-log-access-token --engine opengrep

Description

A sensitive access or authentication token is logged in cleartext. Mask the token string before logging it.

License: Apache-2.0
Source context: Public repository
Source: Provally CVE rule catalog
Validation status: Verified
Quality signals: 145 downloads
0 direct145 via packs
· 0 stars · Quality score 70How quality works
Included packs: 2 packs

0 signals from signed-in users.