CVE-2022-0718

Insufficiently Protected Credentials in pypi/oslo-utils

Identifiers

GHSA-wmqq-r32m-87c5, CVE-2022-0718

Package Slug

pypi/oslo-utils

Vulnerability

Insufficiently Protected Credentials

Description

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

Affected Versions

All versions before 4.10.1

Solution

Upgrade to version 4.10.1 or above.

Last Modified

2022-09-19

source