CVE-2014-7231

Source
https://nvd.nist.gov/vuln/detail/CVE-2014-7231
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-7231.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2014-7231
Aliases
Related
Published
2014-10-08T19:55:04Z
Modified
2024-09-11T02:00:04Z
Summary
[none]
Details

The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.

References

Affected packages

Debian:11 / python-oslo.utils

Package

Name
python-oslo.utils
Purl
pkg:deb/debian/python-oslo.utils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / python-oslo.utils

Package

Name
python-oslo.utils
Purl
pkg:deb/debian/python-oslo.utils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / python-oslo.utils

Package

Name
python-oslo.utils
Purl
pkg:deb/debian/python-oslo.utils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}