9 matches found
SUSE CVE-2017-2592
python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component...
Security Bulletin: IBM Spectrum Scale deployments with the Object Protocols functionality enabled are affected by a security vulnerability in Python (CVE-2017-2592)
Summary IBM Spectrum Scale deployments with the Object Protocols functionality enabled are affected by a security vulnerability in Python that could allow a local authenticated attacker to obtain sensitive information, caused by including sensitive data in the CatchError class. A local attacker...
monasca-agent (>=1.3.0 <=1.4.0) potentially affected by CVE-2017-2592 via oslo-middleware (=3.20.0)
oslo-middleware PYPI version =3.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on oslo-middleware and may be impacted: - monasca-agent =1.3.0, =1.4.0 Source cves: CVE-2017-2592 Source advisory: OSV:GHSA-XCP8-HH74-F6MC...
gnocchi (>=3.0.21 <=4.2.4), monasca-agent (>=1.1.20 <=1.4.0) +1 more potentially affected by CVE-2017-2592 via oslo-middleware (>=2.8.0 <=3.37.1)
oslo-middleware PYPI version =2.8.0, =3.0.21, =1.1.20, =1.0.25, =1.0.27 Source cves: CVE-2017-2592 Source advisory: OSV:GHSA-XCP8-HH74-F6MC...
Security Bulletin: IBM PowerVC is impacted by python oslo.middleware package information disclosure (CVE-2017-2592)
Summary IBM PowerVC may disclose some sensitive values in an error message. Vulnerability Details CVEID: CVE-2017-2592 DESCRIPTION: The OpenStack python oslo.middleware package could allow a local authenticated attacker to obtain sensitive information by including sensitive data in the CatchError...
CVE-2017-2592
CVE-2017-2592 affects the python-oslo-middleware CatchError path, causing information disclosure by including sensitive data in traceback messages. Affected versions are pre-3.8.1, pre-3.19.1, and pre-3.23.1. Impact can expose sensitive info from OpenStack component error logs (e.g., keystone tok...
CVE-2017-2592
python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component...
SUSE-SU-2017:0848-1 Security update for python-oslo.middleware
This update for python-oslo.middleware fixes the following issues: Security issue fixed: - CVE-2017-2592: Using the CatchError class may include sensitive values in the error message accompanying a Traceback, resulting in their disclosure bsc1022043...
Moderate: Red Hat Security Advisory: python-oslo-middleware security update
An update for python-oslo-middleware is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...