Explore

Filters (0) Clear filters
Languages
Level
Tags

1-25 of 36

Info Leakage: Throwable.printStacktrace leaks valuable program structure information

Printing a stack trace gives valuable information about software internals, including library/framework names and versions, to an attacker

  • warning
  • java
  • security
  • framework specific
  • logging
  • Logger
Prevent CRLF injection in SLF4J

Encode untrustated data to prevent the log files from CRLF injections

  • marked_information
  • java
  • security
  • SLF4J
  • framework specific
  • logging
  • injection
Prevent CRLF injection in SLF4J using the Logstash Logback Encoder

Encode untrustated data to prevent the log files from CRLF injections

  • marked_information
  • java
  • security
  • SLF4J
  • framework specific
  • logging
  • injection
SLF4J Logging: enforce usage of placeholders in the messages

Do not concatenate untrusted data in the message string, instead use placeholders ( '{}' )

  • marked_information
  • java
  • security
  • logging
  • injection
  • OWASP Top 10
  • SLF4J
  • framework specific
SLF4J Logging: Logger modifiers

The logger should be a private static final field

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Naming convention: Reserved logger name

The name "logger" should be reserved for the SLF4J logger instance. Use Refactor Rename (Shift+F6) to rename this variable.

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Naming convention: Standardise logger name

The SLF4J logger instance should be named "logger". Use Refactor Rename (Shift+F6) to rename this variable.

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Print Exceptions using SLF4J instead

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • security
  • SLF4J
  • framework specific
  • logging
SLF4J Logging: Replace java.util.logging with SLF4J (Debug)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Error)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Info)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Debug)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Error)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Exception Debug)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Exception Error)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Exception Info)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Exception Trace)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Exception Warning)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Info)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Object Debug)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Object Error)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Object Info)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Object Trace)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Object Warning)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality
SLF4J Logging: Replace java.util.logging with SLF4J (Log Trace)

Standardise on SLF4J by replacing this call

  • marked_information
  • java
  • SLF4J
  • framework specific
  • logging
  • quality