PT-2025-44457 · Apache · Apache Apisix

Published: 2025-10-30 · Updated: 2025-11-06 · CVE-2025-62232

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Apache APISIX versions prior to 3.14

Description

A flaw exists where sensitive data, specifically the usernames and passwords used in basic authentication, is exposed through logging. When the log level is set to INFO or DEBUG, these credentials are written in plaintext to the error logs and subsequently forwarded to log sinks, potentially leading to credential compromise if unauthorized parties gain access to the logs.

Recommendations

Upgrade to version 3.14 or later to address this issue.

Fix

Weakness Enumeration

Insertion into Log File

Related Identifiers

BIT-APISIX-2025-62232
CVE-2025-62232

Affected Products

Apache Apisix