CVE-2014-7230

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.

Date published : 2014-10-08

http://www.securityfocus.com/bid/70185

https://bugs.launchpad.net/oslo-incubator/+bug/1343604