CVE-2019-14825

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-14825

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14825.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-14825

Aliases

GHSA-m4wh-848j-9w2r

Downstream

RHSA-2019:3172

Published

2019-11-25T16:15:13.520Z

Modified

2026-03-14T09:32:49.841664Z

Severity

2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14825

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14825.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "3.0.0.0"
            },
            {
                "fixed": "3.12.0.9"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "3.x.x.x"
            }
        ]
    }
]