{"id":"PYSEC-2022-258","details":"A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( \" ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.","aliases":["CVE-2022-0718","GHSA-wmqq-r32m-87c5"],"modified":"2023-11-08T04:07:38.813658Z","published":"2022-08-29T15:15:00Z","references":[{"type":"WEB","url":"https://security-tracker.debian.org/tracker/CVE-2022-0718"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2056850"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2022-0718"},{"type":"WEB","url":"https://bugs.launchpad.net/oslo.utils/+bug/1949623"},{"type":"WEB","url":"https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-wmqq-r32m-87c5"}],"affected":[{"package":{"name":"oslo-utils","ecosystem":"PyPI","purl":"pkg:pypi/oslo-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.1"}]}],"versions":["0.1.0","0.1.1","0.2.0","0.3.0","1.0.0","1.1.0","1.1.1","1.2.0","1.2.1","1.3.0","1.4.0","1.4.1","1.4.2","1.5.0","1.6.0","1.7.0","1.8.0","1.9.0","2.0.0","2.1.0","2.2.0","2.3.0","2.4.0","2.5.0","2.6.0","2.7.0","2.8.0","3.0.0","3.1.0","3.10.0","3.11.0","3.12.0","3.13.0","3.14.0","3.15.0","3.16.0","3.16.1","3.17.0","3.18.0","3.19.0","3.2.0","3.20.0","3.21.0","3.22.0","3.22.1","3.22.2","3.22.3","3.23.0","3.24.0","3.25.0","3.25.1","3.26.0","3.27.0","3.28.0","3.28.1","3.28.2","3.28.3","3.28.4","3.29.0","3.3.0","3.30.0","3.31.0","3.32.0","3.33.0","3.34.0","3.35.0","3.35.1","3.36.0","3.36.1","3.36.2","3.36.3","3.36.4","3.36.5","3.37.0","3.37.1","3.38.0","3.39.0","3.39.1","3.4.0","3.40.0","3.40.1","3.40.2","3.40.3","3.40.4","3.40.5","3.40.6","3.40.7","3.41.0","3.41.1","3.41.2","3.41.3","3.41.4","3.41.5","3.41.6","3.42.0","3.42.1","3.5.0","3.6.0","3.7.0","3.8.0","3.9.0","4.0.0","4.0.1","4.1.0","4.1.1","4.1.2","4.10.0","4.2.0","4.2.1","4.2.2","4.3.0","4.4.0","4.5.0","4.6.0","4.6.1","4.7.0","4.8.0","4.8.1","4.8.2","4.9.0","4.9.1","4.9.2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/oslo-utils/PYSEC-2022-258.yaml"}}],"schema_version":"1.7.3"}