CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
  • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
        • Dotnet-core
        • Dotnet
        • Jwt-dotnet
        • Lang
          • Audit
          • Best practice
          • Correctness
          • Security
          • Security
        • Mongo
        • Postgres
        • Razor
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
      • Typescript
      • Yaml
    Lang

    Best practice

    String interpolation in log message obscures the distinction between variables and the log message. Use structured logging instead, where the variables are passed as additional arguments and the interpolation is performed by the logging library. This reduces the possibility of log injection and makes it easier to search through logs.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-117: Improper Output Neutralization for Logs
    OWASP:
    - A09:2021 - Security Logging and Monitoring Failures

    Secure falseDouble
    twitterlinkedin
    Powered by Mintlify