{"id":"PYSEC-2026-925","summary":"sosreport Exposure of Sensitive Information vulnerability","details":"It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev","aliases":["CVE-2022-2806","GHSA-7pf9-7cff-f854"],"modified":"2026-07-07T11:45:51.077674573Z","published":"2026-07-06T08:03:32.275629Z","references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2806"},{"type":"WEB","url":"https://github.com/sosreport/sos/pull/2947"},{"type":"WEB","url":"https://github.com/sosreport/sos/commit/5fd872c64c53af37015f366295e0c2418c969757"},{"type":"PACKAGE","url":"https://github.com/sosreport/sos"},{"type":"PACKAGE","url":"https://pypi.org/project/sosreport"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-7pf9-7cff-f854"}],"affected":[{"package":{"name":"sosreport","ecosystem":"PyPI","purl":"pkg:pypi/sosreport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4"}]}],"versions":["3.2","3.2.0a1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/sosreport/PYSEC-2026-925.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}