CVE-2019-7612 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Information disclosure
Description	A sensitive data disclosure flaw was found in the way Logstash logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-913	logstash	6.6.0-1	6.6.1-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
25 Feb 2019	ASA-201902-28	AVG-913	logstash	High	information disclosure

References
https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077