Lucene search
RedHatRHSA-2023:1279HistoryMar 15, 2023 - 7:44 p.m.
(RHSA-2023:1279) Important: Synopsis: Red Hat OpenStack Platform (openstack-cinder) security update
2023-03-1519:44:48
access.redhat.com
15
red hat openstack platform
openstack-cinder
security update
arbitrary file access
vmdk flat descriptor
cve-2022-47951
references section
unix
0.003 Low
EPSS
Percentile
66.1%
Cinder is the replacement of nova-volume in Folsom and beyond, used for
block storage.
Security Fix(es):
- Arbitrary file access through custom VMDK flat descriptor
(CVE-2022-47951)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | noarch | python3-cinder | < 15.6.1-2.20221003154726.87578a0.el8ost | python3-cinder-15.6.1-2.20221003154726.87578a0.el8ost.noarch.rpm |
| RedHat | 7 | noarch | openstack-cinder | < 12.0.10-27.el7ost | openstack-cinder-12.0.10-27.el7ost.noarch.rpm |
| RedHat | 8 | noarch | openstack-cinder | < 15.4.0-1.20230206163350.58f0e73.el8ost | openstack-cinder-15.4.0-1.20230206163350.58f0e73.el8ost.noarch.rpm |
| RedHat | 7 | noarch | python-cinder | < 12.0.10-27.el7ost | python-cinder-12.0.10-27.el7ost.noarch.rpm |
| RedHat | 8 | noarch | python3-cinder | < 15.4.0-1.20230206163350.58f0e73.el8ost | python3-cinder-15.4.0-1.20230206163350.58f0e73.el8ost.noarch.rpm |
| RedHat | 8 | noarch | openstack-cinder | < 15.6.1-2.20221003154726.87578a0.el8ost | openstack-cinder-15.6.1-2.20221003154726.87578a0.el8ost.noarch.rpm |
Related
ubuntucve
ubuntucve
CVE-2022-47951
2023-01-27 00:00:00
debian
debian
[SECURITY] [DLA 3301-1] cinder security update
2023-01-30 22:10:12
[SECURITY] [DLA 3300-1] glance security update
2023-01-30 22:04:57
[SECURITY] [DSA 5336-1] glance security update
2023-02-01 18:32:49
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Nova vulnerability (USN-5835-3)
2023-01-31 00:00:00
Debian DSA-5337-1 : nova - security update
2023-02-02 00:00:00
osv
osv
cinder - security update
2023-02-01 00:00:00
cinder vulnerability
2023-01-31 13:11:52
nova - security update
2023-01-31 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5835-3)
2023-02-01 00:00:00
Debian: Security Advisory (DLA-3301-1)
2023-01-31 00:00:00
Debian: Security Advisory (DLA-3300-1)
2023-01-31 00:00:00
redhat
redhat
redhatcve
redhatcve
CVE-2022-47951
2023-01-25 05:37:07
veracode
veracode
Information Disclosure
2023-02-03 17:08:10
cvelist
cvelist
CVE-2022-47951
2023-01-26 00:00:00
ubuntu
ubuntu
Nova vulnerability
2023-02-09 00:00:00
Cinder vulnerability
2023-01-31 00:00:00
Cinder vulnerability
2023-02-09 00:00:00
github
github
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
2023-01-27 00:30:19
cve
cve
CVE-2022-47951
2023-01-26 22:15:25
nvd
nvd
CVE-2022-47951
2023-01-26 22:15:25
debiancve
debiancve
CVE-2022-47951
2023-01-26 22:15:25
freebsd
freebsd
py-cinder -- unauthorized data access
2023-01-27 00:00:00
prion
prion
Design/Logic Flaw
2023-01-26 22:15:00