In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value.
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "kio-sieve", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkf5ksieve-dev", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5kmanagesieve5", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5kmanagesieve5-dbgsym", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5ksieve-data", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5ksieve5", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5ksieve5-dbgsym", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5ksieveui5", "binary_version": "4:23.08.5-0ubuntu3" }, { "binary_name": "libkpim5ksieveui5-dbgsym", "binary_version": "4:23.08.5-0ubuntu3" } ] }