PublicDateAtUSN: 2022-03-23 00:00:00 UTC
Candidate: CVE-2022-0718
PublicDate: 2022-03-23 00:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0718
 https://bugzilla.redhat.com/show_bug.cgi?id=2056850
 https://ubuntu.com/security/notices/USN-5369-1
Description:
 A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a
 double quote ( " ) in them cause incorrect masking in debug logs, causing any part
 of the password after the double quote to be plaintext.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: leosilva
CVSS:


Patches_python-oslo.utils:
 upstream: https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa
upstream_python-oslo.utils: released (4.10.1-1)
esm-infra/xenial_python-oslo.utils: released (3.8.0-2ubuntu0.1~esm1)
trusty_python-oslo.utils: ignored (out of standard support)
xenial_python-oslo.utils: ignored (out of standard support)
bionic_python-oslo.utils: released (3.35.0-0ubuntu1.1)
focal_python-oslo.utils: released (4.1.1-0ubuntu1.1)
impish_python-oslo.utils: released (4.10.0-0ubuntu1.1)
jammy_python-oslo.utils: not-affected (4.12.2-0ubuntu1)
devel_python-oslo.utils: not-affected (4.12.2-0ubuntu1)