VYPR
Medium severity5.9NVD Advisory· Published May 8, 2018· Updated Jun 17, 2026

CVE-2017-2592

CVE-2017-2592

Description

python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs (for example, keystone tokens).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
oslo.middlewarePyPI
>= 3.9.0, < 3.19.13.19.1
oslo.middlewarePyPI
< 3.8.13.8.1
oslo.middlewarePyPI
>= 3.20.0, < 3.23.13.23.1
oslo-middlewarePyPI
>= 3.9.0, < 3.19.13.19.1
oslo-middlewarePyPI
< 3.8.13.8.1
oslo-middlewarePyPI
>= 3.20.0, < 3.23.13.23.1

Affected products

16

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.