Your submission was sent successfully! Close

CVE-2022-0718

Published: 23 March 2022

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

Priority

Medium

CVSS 3 base score: 4.9

Status

Package Release Status
python-oslo.utils
Launchpad, Ubuntu, Debian
bionic
Released (3.35.0-0ubuntu1.1)
focal
Released (4.1.1-0ubuntu1.1)
impish
Released (4.10.0-0ubuntu1.1)
jammy Not vulnerable
(4.12.2-0ubuntu1)
trusty Ignored
(out of standard support)
upstream
Released (4.10.1-1)
xenial
Released (3.8.0-2ubuntu0.1~esm1)
Patches:
upstream: https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa