CVE-2022-0718

Published: Aug 29, 2022

Modified: Aug 2, 2024

PUBLISHED

Description

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

Vendor	Product	Versions
n/a	openstack/python-oslo.utils	affected `Affects all versions, Fixed in 4.10.1, 4.12.1.`

Weaknesses (CWE)

CWE-522

References

https://bugzilla.redhat.com/show_bug.cgi?id=2056850

x_refsource_MISC

https://bugs.launchpad.net/oslo.utils/+bug/1949623

x_refsource_MISC

https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa

x_refsource_MISC

https://security-tracker.debian.org/tracker/CVE-2022-0718

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2022-0718

x_refsource_MISC

[debian-lts-announce] 20220913 [SECURITY] [DLA 3106-1] python-oslo.utils security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-0718

Description

Affected Products

Weaknesses (CWE)

References