CVE-2025-59355: CWE-532 Insertion of Sensitive Information into Log File in Apache Software Foundation Apache Linkis
When org.apache.linkis.metadata.util.HiveUtils.decode() fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.error(str + "decode failed", e). If the input parameter contains sensitive information such as Hive Metastore keys, plaintext passwords will be left in the log files when decoding fails, resulting in information leakage.
Affected Scope
Component: Sensitive fields in hive-site.xml (e.g., javax.jdo.option.ConnectionPassword) or other fields encoded in Base64.
Version: Apache Linkis 1.0.0 – 1.7.0
Trigger Conditions
- The value of the configuration item is an invalid Base64 string.
- Log files are readable by users other than hive-site.xml administrators.
Severity: Low
- The probability of Base64 decoding failure is low.
- The leakage is only triggered when logs at the Error level are exposed.
Remediation
Apache Linkis 1.8.0 and later versions have replaced the log with desensitized content:
logger.error("URL decode failed: {}", e.getMessage()); // str is no longer output
Users are recommended to upgrade to version 1.8.0, which fixes the issue.
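The following is an added illustration, not Linkis source code: it places the vulnerable logging shape from the advisory (the raw input concatenated into the error message) next to the 1.8.0 shape (only the exception message logged) and runs both against a constructed, non-Base64 password so the difference in what reaches the log is visible. The CapturingLogger class is an assumed in-memory stand-in for the SLF4J logger, written here so the example runs offline; the decoder is the JDK's java.util.Base64, which the page does not confirm Linkis uses.

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;

// Added example, not Apache Linkis code.
public class DecodeLogging {

    // Constructed stand-in for org.slf4j.Logger: records what would be written
    // to the log file so the two code shapes can be compared.
    static final class CapturingLogger {
        final List<String> lines = new ArrayList<>();

        // Mirrors SLF4J error(String msg, Throwable t).
        void error(String msg, Throwable t) {
            lines.add("ERROR " + msg + " | " + t);
        }

        // Mirrors SLF4J error(String format, Object arg) with one {} placeholder.
        void error(String format, Object arg) {
            lines.add("ERROR " + format.replace("{}", String.valueOf(arg)));
        }
    }

    // Vulnerable shape (Linkis 1.0.0 - 1.7.0 per the advisory): the input string
    // is concatenated into the message, so a value that failed to decode is
    // written to the log verbatim.
    static String decodeVulnerable(String str, CapturingLogger logger) {
        try {
            return new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            logger.error(str + "decode failed", e);
            return null;
        }
    }

    // Fixed shape (Linkis 1.8.0 per the advisory): only the exception message is
    // logged; the input value never reaches the log.
    static String decodeFixed(String str, CapturingLogger logger) {
        try {
            return new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            logger.error("URL decode failed: {}", e.getMessage());
            return null;
        }
    }

    public static void main(String[] args) {
        // Constructed sample: a plaintext password placed in a field the code
        // expects to be Base64. '!' is not a Base64 character, so decoding fails.
        String plaintextPassword = "Sup3r!Secret";

        CapturingLogger vuln = new CapturingLogger();
        decodeVulnerable(plaintextPassword, vuln);
        System.out.println("vulnerable: " + vuln.lines.get(0));
        System.out.println("  secret in log: " + vuln.lines.get(0).contains(plaintextPassword));

        CapturingLogger fixed = new CapturingLogger();
        decodeFixed(plaintextPassword, fixed);
        System.out.println("fixed:      " + fixed.lines.get(0));
        System.out.println("  secret in log: " + fixed.lines.get(0).contains(plaintextPassword));
    }
}
```

With the JDK decoder, e.getMessage() reads "Illegal base64 character 21" for the sample above: the hex code of the one offending character, not the value itself. That is still a small disclosure, so when auditing a similar fix in your own code, check what your decoder's exception messages contain before treating "log only the message" as fully sanitized.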
AI Analysis
Technical Summary
CVE-2025-59355 is a security vulnerability classified under CWE-532 (Insertion of Sensitive Information into Log File) affecting Apache Linkis versions 1.0.0 to 1.7.0. The vulnerability arises in the HiveUtils.decode() method, which attempts to perform Base64 decoding on input parameters. When decoding fails, the method logs the entire input string along with the error, including potentially sensitive data such as Hive Metastore keys or plaintext passwords embedded in configuration files like hive-site.xml. This results in sensitive information being written to log files, which may be accessible to unauthorized users if proper file permissions are not enforced. The vulnerability is triggered only if the configuration value is an invalid Base64 string and error-level logging is enabled. The Apache Linkis project addressed this issue in version 1.8.0 by modifying the error logging to exclude sensitive input data, instead logging only the error message. No known exploits are reported in the wild, and the likelihood of Base64 decoding failure is low, but the exposure of sensitive credentials in logs poses a confidentiality risk. The vulnerability does not affect the integrity or availability of the system but can lead to information leakage if logs are improperly secured.
Potential Impact
For European organizations, the primary impact of CVE-2025-59355 is the potential leakage of sensitive credentials such as Hive Metastore passwords through log files. This can lead to unauthorized access to critical data stores if attackers gain access to these logs. The risk is heightened in environments where log files are accessible to multiple users or insufficiently protected. Although the probability of triggering the vulnerability is low, the exposure of plaintext passwords can facilitate lateral movement or privilege escalation within enterprise data platforms. Organizations relying on Apache Linkis for data integration and analytics, especially those handling sensitive or regulated data under GDPR, face compliance and reputational risks if such information leakage occurs. The vulnerability does not directly affect system availability or integrity but compromises confidentiality, which can have cascading effects on overall security posture.
Mitigation Recommendations
European organizations should upgrade Apache Linkis to version 1.8.0 or later, where the vulnerability is fixed by desensitizing error logs. Until upgrading is possible, organizations should implement strict access controls on log files to ensure only authorized administrators can read them. Review and audit logging configurations to minimize error-level logging exposure of sensitive data. Additionally, validate and sanitize configuration inputs to prevent invalid Base64 strings from being processed. Employ centralized log management solutions with encryption and role-based access controls to protect sensitive logs. Regularly monitor logs for any unexpected error messages that might indicate attempts to exploit this vulnerability. Finally, conduct security awareness training for administrators to understand the risks of sensitive data exposure in logs and enforce secure operational practices.
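As an added example supporting the log-review recommendation above (not Linkis tooling), the scanner below looks for the exact message shape the vulnerable decode() emits, a non-whitespace run glued directly onto "decode failed" with no separator, and redacts that run so the line can be kept while the leaked value is not. Lines with the 1.8.0 shape ("URL decode failed: ...") have a space before "decode", so they are not flagged. The log lines are constructed samples; the timestamp and logger-name layout is assumed, not taken from Linkis.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added example, not Apache Linkis code.
public class DecodeLeakScanner {

    // In the vulnerable call logger.error(str + "decode failed", e) the input is
    // concatenated with no separator, so the token immediately before
    // "decode failed" is the leaked value (or its trailing non-whitespace part).
    private static final Pattern LEAK = Pattern.compile("(\\S+)decode failed");

    static final class Finding {
        final int lineNumber;
        final String redactedLine;

        Finding(int lineNumber, String redactedLine) {
            this.lineNumber = lineNumber;
            this.redactedLine = redactedLine;
        }
    }

    // Returns one Finding per line that carries the vulnerable message shape,
    // with the leaked token replaced so the result is safe to retain or share.
    static List<Finding> scan(List<String> lines) {
        List<Finding> findings = new ArrayList<>();
        for (int i = 0; i < lines.size(); i++) {
            Matcher m = LEAK.matcher(lines.get(i));
            if (m.find()) {
                String redacted = m.replaceFirst("[REDACTED]decode failed");
                findings.add(new Finding(i + 1, redacted));
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample log lines: one benign, one from the vulnerable
        // shape, one from the fixed shape.
        List<String> sample = List.of(
            "2025-09-12 10:01:03 INFO  HiveUtils - loading hive-site.xml",
            "2025-09-12 10:01:04 ERROR HiveUtils - Sup3r!Secretdecode failed",
            "2025-09-12 10:01:04 ERROR HiveUtils - URL decode failed: Illegal base64 character 21");

        List<Finding> findings = scan(sample);
        System.out.println("lines carrying a leaked value: " + findings.size());
        for (Finding f : findings) {
            System.out.println("line " + f.lineNumber + ": " + f.redactedLine);
        }
    }
}
```

A hit on a pre-1.8.0 deployment means the configuration value on that line has been written to disk, so the practical follow-up is to rotate that credential, not only to redact the log. Because the pattern captures a single non-whitespace run, a leaked value containing spaces would be only partly redacted; widen the capture to your appender's known field layout if that applies to your logs.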
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: apache
- Date Reserved: 2025-09-12T13:49:22.918Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 696df1ced302b072d99017b5
Added to database: 1/19/2026, 8:56:46 AM
Last enriched: 1/19/2026, 9:11:22 AM
Last updated: 1/19/2026, 10:11:23 AM