VulnerableCode Package Details - pkg:deb/debian/python-oslo.utils@10.0.0-3?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-89jv-kym3-gqdh	openstack-mistral: information disclosure in mistral log	CVE-2019-3866
VCID-8p6b-qw5m-jfha	OpenStack Oslo utility sensitive information exposure via log files The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.	CVE-2014-7231 GHSA-v933-vx5p-j7w2
VCID-ed1c-yhw8-hfh8	A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.	CVE-2022-0718 GHSA-wmqq-r32m-87c5 PYSEC-2022-258

Vulnerability

Summary

Aliases

VCID-89jv-kym3-gqdh

openstack-mistral: information disclosure in mistral log

CVE-2019-3866

VCID-8p6b-qw5m-jfha

OpenStack Oslo utility sensitive information exposure via log files The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.

CVE-2014-7231
GHSA-v933-vx5p-j7w2

VCID-ed1c-yhw8-hfh8

A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.

CVE-2022-0718
GHSA-wmqq-r32m-87c5
PYSEC-2022-258

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:19:33.370400+00:00	Debian Importer	Fixing	VCID-ed1c-yhw8-hfh8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:17:56.839573+00:00	Debian Importer	Fixing	VCID-89jv-kym3-gqdh	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:17:41.288646+00:00	Debian Importer	Fixing	VCID-8p6b-qw5m-jfha	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T06:57:04.047818+00:00	Debian Importer	Fixing	VCID-ed1c-yhw8-hfh8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:12:49.704391+00:00	Debian Importer	Fixing	VCID-89jv-kym3-gqdh	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:12:39.635460+00:00	Debian Importer	Fixing	VCID-8p6b-qw5m-jfha	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:50:51.063906+00:00	Debian Importer	Fixing	VCID-ed1c-yhw8-hfh8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:51.006383+00:00	Debian Importer	Fixing	VCID-89jv-kym3-gqdh	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:50.948920+00:00	Debian Importer	Fixing	VCID-8p6b-qw5m-jfha	https://security-tracker.debian.org/tracker/data/json	38.1.0