CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1744 vulnerabilities reference this CWE, most recent first.
GHSA-C3Q9-Q986-VRWH
Vulnerability from github – Published: 2025-03-10 18:31 – Updated: 2025-03-14 20:04Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/hashicorp/nomad"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.9.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-1296"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-10T22:25:55Z",
"nvd_published_at": "2025-03-10T18:15:30Z",
"severity": "MODERATE"
},
"details": "Nomad Community and Nomad Enterprise (\u201cNomad\u201d) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19.",
"id": "GHSA-c3q9-q986-vrwh",
"modified": "2025-03-14T20:04:19Z",
"published": "2025-03-10T18:31:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1296"
},
{
"type": "WEB",
"url": "https://github.com/hashicorp/nomad/commit/dc482bf9058faf7a192486eb52caa1d42646f6b3"
},
{
"type": "WEB",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-04-nomad-exposes-sensitive-workload-identity-and-client-secret-token-in-audit-logs/73737"
},
{
"type": "PACKAGE",
"url": "https://github.com/hashicorp/nomad"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3510"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Nomad is vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs"
}
GHSA-C45C-73JC-5CP5
Vulnerability from github – Published: 2023-04-24 03:30 – Updated: 2024-04-04 03:38CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.
{
"affected": [],
"aliases": [
"CVE-2023-31056"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-24T03:15:07Z",
"severity": "MODERATE"
},
"details": "CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.",
"id": "GHSA-c45c-73jc-5cp5",
"modified": "2024-04-04T03:38:58Z",
"published": "2023-04-24T03:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31056"
},
{
"type": "WEB",
"url": "https://support1.cloverdx.com/hc/en-us/articles/8484869595164-Security-advisory-April-2023"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C49H-JV3F-MRWC
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files.
{
"affected": [],
"aliases": [
"CVE-2021-21598"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-10T19:15:00Z",
"severity": "LOW"
},
"details": "Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files.",
"id": "GHSA-c49h-jv3f-mrwc",
"modified": "2022-05-24T19:10:31Z",
"published": "2022-05-24T19:10:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21598"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/000189543"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-C4JR-VJM4-27HQ
Vulnerability from github – Published: 2023-03-28 21:30 – Updated: 2023-04-05 19:40Veracode Scan Jenkins Plugin before 23.3.19.0 is vulnerable to information disclosure of proxy credentials in job logs under specific configurations.
Users are potentially affected if they: - are using Veracode Scan Jenkins Plugin prior to 23.3.19.0 - AND have configured Veracode Scan to run on remote agent jobs - AND have enabled the "Connect using proxy" option - AND have configured the proxy settings with proxy credentials - AND a Jenkins admin has enabled debug in global system settings.
By default, even in this configuration only the job owner or Jenkins admin can view the job log.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.veracode.jenkins:veracode-scan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "23.3.19.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-25721"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-05T19:40:36Z",
"nvd_published_at": "2023-03-28T20:15:00Z",
"severity": "MODERATE"
},
"details": "Veracode Scan Jenkins Plugin before 23.3.19.0 is vulnerable to information disclosure of proxy credentials in job logs under specific configurations.\n\nUsers are potentially affected if they:\n- are using Veracode Scan Jenkins Plugin prior to 23.3.19.0\n- AND have configured Veracode Scan to run on remote agent jobs\n- AND have enabled the \"Connect using proxy\" option\n- AND have configured the proxy settings with proxy credentials\n- AND a Jenkins admin has enabled debug in global system settings.\n\nBy default, even in this configuration only the job owner or Jenkins admin can view the job log.",
"id": "GHSA-c4jr-vjm4-27hq",
"modified": "2023-04-05T19:40:36Z",
"published": "2023-03-28T21:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25721"
},
{
"type": "WEB",
"url": "https://community.veracode.com/s/spotlight/frequently-asked-questions-for-cve-2023-25721-and-cve-2023-25722-MCFT34TH6OGRFR7F7JGDQQP4TNZE"
},
{
"type": "WEB",
"url": "https://docs.veracode.com/updates/r/c_all_int#veracode-jenkins-plugin-233190"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/veracode-scan-plugin"
},
{
"type": "WEB",
"url": "https://veracode.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Veracode Scan Jenkins Plugin vulnerable to information disclosure"
}
GHSA-C4W9-XPCR-FXJJ
Vulnerability from github – Published: 2026-01-17 03:30 – Updated: 2026-02-02 18:31In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. Any party with access to those logs could read the token and reuse it to access an integrated system.
{
"affected": [],
"aliases": [
"CVE-2026-0519"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-17T02:15:49Z",
"severity": "MODERATE"
},
"details": "In Secure Access 12.70 and prior to 14.20, the logging \nsubsystem may write an unredacted authentication token to logs under \ncertain configurations. Any party with access to those logs could read \nthe token and reuse it to access an integrated system.",
"id": "GHSA-c4w9-xpcr-fxjj",
"modified": "2026-02-02T18:31:30Z",
"published": "2026-01-17T03:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0519"
},
{
"type": "WEB",
"url": "https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-0519"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-C527-HCF9-M2FF
Vulnerability from github – Published: 2024-06-14 06:34 – Updated: 2024-07-04 06:35The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.
{
"affected": [],
"aliases": [
"CVE-2024-27157"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-14T04:15:26Z",
"severity": "MODERATE"
},
"details": "The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.",
"id": "GHSA-c527-hcf9-m2ff",
"modified": "2024-07-04T06:35:03Z",
"published": "2024-06-14T06:34:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27157"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/20240531_01.html"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jul/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C57P-3V2G-W9RG
Vulnerability from github – Published: 2022-05-14 01:17 – Updated: 2024-02-21 21:32Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
This issue was fixed in Apache Tomcat 7.0.17 but the release votes for the 7.0.17 and 7.0.18 release candidates did not pass. Therefore, users must download 7.0.19 to obtain a version that includes a fix.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "5.5.0"
},
{
"fixed": "5.5.34"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.33"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.19"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2011-2204"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-13T17:26:44Z",
"nvd_published_at": "2011-06-29T17:55:00Z",
"severity": "MODERATE"
},
"details": "Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.\n\nThis issue was fixed in Apache Tomcat 7.0.17 but the release votes for the 7.0.17 and 7.0.18 release candidates did not pass. Therefore, users must download 7.0.19 to obtain a version that includes a fix.",
"id": "GHSA-c57p-3v2g-w9rg",
"modified": "2024-02-21T21:32:35Z",
"published": "2022-05-14T01:17:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2204"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/763a56b45999653ce648a18462b8a826809215b1"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat55/commit/8b81c8c869987e35deed04993ecfcf7be27ca298"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2011:1845"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717013"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68238"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14931"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19532"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20110711083618/http://securitytracker.com/id?1025712"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=132215163318824\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5130"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-5.html"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-6.html"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-7.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2012/dsa-2401"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Insertion of Sensitive Information into Log File in Apache Tomcat"
}
GHSA-C5Q2-C79J-WQC2
Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-19 00:01Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log
{
"affected": [],
"aliases": [
"CVE-2022-25829"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-10T17:47:00Z",
"severity": "LOW"
},
"details": "Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log",
"id": "GHSA-c5q2-c79j-wqc2",
"modified": "2022-03-19T00:01:31Z",
"published": "2022-03-11T00:02:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25829"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C5QX-P38X-QF5W
Vulnerability from github – Published: 2025-07-21 19:19 – Updated: 2025-07-21 19:19Summary
Log output includes authentication token that provides full account access
Details
The post job action prints the contents of config/config.vdf which holds the saved authentication token and can be used to sign in on another machine. This means any public use of this action leaves authentication tokes for the associated steam accounts publicly available. Additionally, userdata/$user_id$/config/localconfig.vdf contains potentially sensitive information which should not be included in public logs.
PoC
Use the following workflow step
steps:
- name: Setup SteamCMD
uses: buildalon/setup-steamcmd@v1.0.4
- name: Sign into steam
shell: bash
run: |
steamcmd +login ${{ secrets.WORKSHOP_USERNAME }} ${{ secrets.WORKSHOP_PASSWORD }} +quit
Impact
Anyone who has used this workflow action with a steam account is affected and has had valid authentication tokens leaked in the job logs. This is particularly bad for public repositories, as anyone with a GitHub account can access the logs and view the token.
{
"affected": [
{
"package": {
"ecosystem": "GitHub Actions",
"name": "RageAgainstThePixel/setup-steamcmd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-21T19:19:03Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\nLog output includes authentication token that provides full account access\n\n### Details\nThe post job action prints the contents of `config/config.vdf` which holds the saved authentication token and can be used to sign in on another machine. This means any public use of this action leaves authentication tokes for the associated steam accounts publicly available. Additionally, `userdata/$user_id$/config/localconfig.vdf` contains potentially sensitive information which should not be included in public logs.\n\n### PoC\nUse the following workflow step\n```\nsteps:\n - name: Setup SteamCMD\n uses: buildalon/setup-steamcmd@v1.0.4\n\n - name: Sign into steam\n shell: bash\n run: |\n steamcmd +login ${{ secrets.WORKSHOP_USERNAME }} ${{ secrets.WORKSHOP_PASSWORD }} +quit\n```\n\n### Impact\nAnyone who has used this workflow action with a steam account is affected and has had valid authentication tokens leaked in the job logs. This is particularly bad for public repositories, as anyone with a GitHub account can access the logs and view the token.",
"id": "GHSA-c5qx-p38x-qf5w",
"modified": "2025-07-21T19:19:03Z",
"published": "2025-07-21T19:19:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/RageAgainstThePixel/setup-steamcmd/security/advisories/GHSA-c5qx-p38x-qf5w"
},
{
"type": "WEB",
"url": "https://github.com/RageAgainstThePixel/setup-steamcmd/commit/3e4e408e73bdd46822f1147b45eeeab050fd1ead"
},
{
"type": "PACKAGE",
"url": "https://github.com/RageAgainstThePixel/setup-steamcmd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "RageAgainstThePixel/setup-steamcmd leaked authentication token in job output logs"
}
GHSA-C5X3-P9MJ-9GV6
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.
{
"affected": [],
"aliases": [
"CVE-2021-21597"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-10T19:15:00Z",
"severity": "LOW"
},
"details": "Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.",
"id": "GHSA-c5x3-p9mj-9gv6",
"modified": "2022-05-24T19:10:31Z",
"published": "2022-05-24T19:10:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21597"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/000189543"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.