CVE-2025-54125: Brittle Xml Regex Redaction
Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | Java | β
greprules fetch cve-2025-54125-brittle-xml-regex-redaction --engine opengrep
Description
Redacting sensitive information in XML or structured text using string replacements or regular expressions is brittle. It fails to redact sensitive data stored in properties with different names not covered by the exact regex. Rely on structured serialization APIs to exclude sensitive properties before building the output.
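The failure mode described above, as an added example (not code from this rule or from any affected project). The `Property` record, its `sensitive` flag, and the property names and values are constructed for illustration; it assumes Java 16 or later for records.

```java
import java.io.StringWriter;
import java.util.List;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamWriter;

public class RedactionDemo {
    // Hypothetical model: sensitivity is declared on the property itself,
    // not inferred from its name.
    record Property(String name, String value, boolean sensitive) {}

    // Structured serialization: when excludeSensitive is true, sensitive
    // properties are skipped before any output is written.
    static String toXml(List<Property> props, boolean excludeSensitive) throws Exception {
        StringWriter out = new StringWriter();
        XMLStreamWriter w = XMLOutputFactory.newInstance().createXMLStreamWriter(out);
        w.writeStartElement("object");
        for (Property p : props) {
            if (excludeSensitive && p.sensitive()) continue;
            w.writeStartElement("property");
            w.writeAttribute("name", p.name());
            w.writeCharacters(p.value());
            w.writeEndElement();
        }
        w.writeEndElement();
        w.close();
        return out.toString();
    }

    // Brittle: masks only the property names the pattern happens to list.
    static String regexRedact(String xml) {
        return xml.replaceAll("(<property name=\"(?:password|email)\">)[^<]*", "$1*****");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data; "smtpSecret" is sensitive but has a name
        // the regex does not cover.
        List<Property> props = List.of(
            new Property("title", "Home", false),
            new Property("password", "hunter2", true),
            new Property("smtpSecret", "s3cr3t-value", true));
        String brittle = regexRedact(toXml(props, false));
        String structured = toXml(props, true);
        System.out.println("regex output leaks smtpSecret:      " + brittle.contains("s3cr3t-value"));
        System.out.println("structured output leaks smtpSecret: " + structured.contains("s3cr3t-value"));
    }
}
```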