PYSEC-2013-40

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/keystone/PYSEC-2013-40.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2013-40

Withdrawn

2024-11-22T04:37:04Z

Published

2013-05-21T18:55:00Z

Modified

2025-10-09T05:20:16.705652Z

Summary

[none]

Details

OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.

References

Affected packages

PyPI / keystone

Package

Name: keystone; View open source insights on deps.dev
Purl: pkg:pypi/keystone

Affected ranges

Type: GIT
Repo: https://github.com/openstack/keystone
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c5037dd6b82909efaaa8720e8cfa8bdb8b4a0edd

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

12.*

12.0.2

12.0.3

13.*

13.0.2

13.0.3

13.0.4

14.*

14.0.0

14.0.1

14.1.0

14.2.0

15.*

15.0.0.0rc1

15.0.0.0rc2

15.0.0

15.0.1

16.*

16.0.0.0rc1

16.0.0.0rc2

16.0.0

16.0.1

16.0.2

17.*

17.0.0.0rc1

17.0.0.0rc2

17.0.0

17.0.1

18.*

18.0.0.0rc1

18.0.0

18.1.0

19.*

19.0.0.0rc1

19.0.0.0rc2

19.0.0

19.0.1

20.*

20.0.0.0rc1

20.0.0

20.0.1

21.*

21.0.0.0rc1

21.0.0

21.0.1

22.*

22.0.0.0rc1

22.0.0

22.0.1

22.0.2

23.*

23.0.0.0rc1

23.0.0

23.0.1

23.0.2

24.*

24.0.0.0rc1

24.0.0

24.1.0

25.*

25.0.0.0rc1

25.0.0

26.*

26.0.0.0rc1

26.0.0

27.*

27.0.0.0rc1

27.0.0

28.*

28.0.0.0rc1

28.0.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/keystone/PYSEC-2013-40.yaml"