GHSA-wmqq-r32m-87c5

Source

https://github.com/advisories/GHSA-wmqq-r32m-87c5

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-wmqq-r32m-87c5/GHSA-wmqq-r32m-87c5.json

Aliases

Published

2022-08-29T20:06:50Z

Modified

2024-02-16T08:16:53.735282Z

Details

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext

References

Affected packages

PyPI / oslo-utils

Package

Name: oslo-utils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

4.10.1

Affected versions

0.*

0.1.0

0.1.1

0.2.0

0.3.0

1.*

1.0.0

1.1.0

1.1.1

1.2.0

1.2.1

1.3.0

1.4.0

1.4.1

1.4.2

1.5.0

1.6.0

1.7.0

1.8.0

1.9.0

2.*

2.0.0

2.1.0

2.2.0

2.3.0

2.4.0

2.5.0

2.6.0

2.7.0

2.8.0

3.*

3.0.0

3.1.0

3.2.0

3.3.0

3.4.0

3.5.0

3.6.0

3.7.0

3.8.0

3.9.0

3.10.0

3.11.0

3.12.0

3.13.0

3.14.0

3.15.0

3.16.0

3.16.1

3.17.0

3.18.0

3.19.0

3.20.0

3.21.0

3.22.0

3.22.1

3.22.2

3.22.3

3.23.0

3.24.0

3.25.0

3.25.1

3.26.0

3.27.0

3.28.0

3.28.1

3.28.2

3.28.3

3.28.4

3.29.0

3.30.0

3.31.0

3.32.0

3.33.0

3.34.0

3.35.0

3.35.1

3.36.0

3.36.1

3.36.2

3.36.3

3.36.4

3.36.5

3.37.0

3.37.1

3.38.0

3.39.0

3.39.1

3.40.0

3.40.1

3.40.2

3.40.3

3.40.4

3.40.5

3.40.6

3.40.7

3.41.0

3.41.1

3.41.2

3.41.3

3.41.4

3.41.5

3.41.6

3.42.0

3.42.1

4.*

4.0.0

4.0.1

4.1.0

4.1.1

4.1.2

4.2.0

4.2.1

4.2.2

4.3.0

4.4.0

4.5.0

4.6.0

4.6.1

4.7.0

4.8.0

4.8.1

4.8.2

4.9.0

4.9.1

4.9.2

4.10.0