netfoil: Attacker controlled data written to logs
Low severity
GitHub Reviewed
Published
May 31, 2026
in
tinfoil-factory/netfoil
•
Updated Jul 7, 2026
Description
Published to the GitHub Advisory Database
Jul 7, 2026
Reviewed
Jul 7, 2026
Last updated
Jul 7, 2026
Summary
Domain names were written to the log without first being validated to contain allowed characters.
Impact
Depends on how the logs were used.
References