OpenStack Murano Code Execution

🗓️ 17 May 2022 03:48:22Reported by GitHub Advisory DatabaseType

OpenStack Murano Code Execution vulnerability in versions before 1.0.3 (liberty), 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty

Reporter	Title	Published	Views	Family All 15
CNVD	Arbitrary Code Execution Vulnerability in Multiple Openstack Products	28 Jun 201600:00	–	cnvd
CVE	CVE-2016-4972	26 Sep 201616:00	–	cve
Cvelist	CVE-2016-4972	26 Sep 201616:00	–	cvelist
Debian CVE	CVE-2016-4972	26 Sep 201616:00	–	debiancve
EUVD	EUVD-2016-0028	7 Oct 202500:30	–	euvd
NVD	CVE-2016-4972	26 Sep 201616:59	–	nvd
OSV	DEBIAN-CVE-2016-4972	26 Sep 201616:59	–	osv
OSV	GHSA-87R7-Q54J-F9QG OpenStack Murano Code Execution	17 May 202203:48	–	osv
OSV	PYSEC-2016-22	26 Sep 201616:59	–	osv
OSV	UBUNTU-CVE-2016-4972	26 Sep 201616:59	–	osv

Vulners

Node

openstack python-muranoclientRange0.8.0–0.8.5pip

openstack murano-dashboardRange2.0.0–2.0.1pip

openstack python-muranoclientRange<0.7.3pip

openstack murano-dashboardRange<1.0.3pip

openstack muranoRange<1.0.3pip

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-4972
bugs	www.bugs.launchpad.net/murano/+bug/1586079
bugs	www.bugs.launchpad.net/python-muranoclient/+bug/1586078
openwall	www.openwall.com/lists/oss-security/2016/06/23/8
github	www.github.com/openstack/murano/commit/28de8c36c9dbe4aaf4d062e6fb6099afd437f49b
github	www.github.com/openstack/murano/blob/c898a310afbc27f12190446ef75d8b0bd12115eb/releasenotes/notes/safeloader-cve-2016-4972-19035a2a091ec30a.yaml
github	www.github.com/openstack/murano/blob/c898a310afbc27f12190446ef75d8b0bd12115eb/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
github	www.github.com/pypa/advisory-database/tree/main/vulns/python-muranoclient/PYSEC-2016-22.yaml
github	www.github.com/advisories/GHSA-87r7-q54j-f9qg

25 Oct 2024 20:43Current

7.9High risk

Vulners AI Score7.9

CVSS 27.5

CVSS 39.8

EPSS0.03928

CWE-20