Описание
A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| python-glance-store | fixed | 4.7.0-2 | package | |
| python-glance-store | no-dsa | bookworm | package | |
| python-glance-store | no-dsa | bullseye | package | |
| python-glance-store | no-dsa | buster | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2258836
https://github.com/openstack/glance_store/commit/d6e531af4821c8466b1e9404f12f89f6216417f2 (4.7.0)
https://github.com/openstack/glance_store/commit/a5ba027922ba1230b4ae9abb810f36427be6354a (4.7.0)
EPSS
Связанные уязвимости
A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
Уязвимость библиотеки взаимодействия с бэкендами python-glance-store языка программирования Python, связанная с регистрацией избыточных данных, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS