Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-0718

Опубликовано: 29 авг. 2022
Источник: debian
EPSS Низкий

Описание

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python-oslo.utilsfixed4.10.1-1package

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2056850

  • https://bugs.launchpad.net/oslo.utils/+bug/1949623

  • Fixed by: https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa (4.12.1)

  • Fixed by: https://opendev.org/openstack/oslo.utils/commit/5ce8a7f0f8ecec7a85a23ec3d7a7fb1cad14ceba (4.10.1)

  • Fixed by: https://opendev.org/openstack/oslo.utils/commit/65aa4226d4bf286468da6df6759e364c1eb3e049 (4.6.1)

EPSS

Процентиль: 57%
0.00347
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-0718

CVSS3: 4.9
ubuntu
больше 3 лет назад

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

redhat логотип

CVE-2022-0718

CVSS3: 6
redhat
почти 4 года назад

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

nvd логотип

CVE-2022-0718

CVSS3: 4.9
nvd
больше 3 лет назад

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

suse-cvrf логотип

SUSE-SU-2025:02448-1

suse-cvrf
7 месяцев назад

Security update for python-oslo.utils

github логотип

GHSA-wmqq-r32m-87c5

CVSS3: 4.9
github
больше 3 лет назад

python-oslo-utils has improper password parsing

EPSS

Процентиль: 57%
0.00347
Низкий
Уязвимость CVE-2022-0718