oslo-utils

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting oslo-utilspage 1 of 1

CVE-2014-7231NONECVSS 0.0EG 0.0✓ Fixed in 0.2.0
2014-10-08
vulnerable: 0.1.0, 0.1.1
The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwo…
CVE-2022-0718MEDIUMCVSS 4.9EG 4.9✓ Fixed in 4.10.1
2022-08-29
vulnerable: 0.1.0 ... 4.9.2 (122 versions)
A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

Check whether oslo-utils is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for oslo-utils CVEs against the assets you own.

Start Free Scan →