32 matches found
CVE-2022-47951
creationtimestamp| type| source ---|---|--- 2024-07-24 08:17:20+00:00| seen| https://t.me/cvedetector/1540 2025-03-31 17:30:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9707...
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...
RHEL 7 / 8 : Synopsis: Red Hat OpenStack Platform (openstack-cinder) (RHSA-2023:1279)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1279 advisory. Cinder is the replacement of nova-volume in Folsom and beyond, used for block storage. Security Fixes: Arbitrary file access through custom VMDK...
RHEL 7 / 8 : Synopsis: Red Hat OpenStack Platform (openstack-glance) (RHSA-2023:1280)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1280 advisory. OpenStack Image Service code-named Glance provides discovery, registration, and delivery services for virtual disk images. The Image Service API...
RHEL 7 / 8 : Red Hat OpenStack Platform (openstack-nova) (RHSA-2023:1278)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1278 advisory. OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant...
RHEL 9 : Red Hat OpenStack Platform 17.0 (openstack-glance) (RHSA-2023:1017)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1017 advisory. OpenStack Image Service code-named Glance provides discovery,registration, and delivery services for virtual disk images. The Image Service API serve...
RHEL 9 : Red Hat OpenStack Platform 17.0 (openstack-nova) (RHSA-2023:1015)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1015 advisory. OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines,creating a redundant and...
SUSE-SU-2023:1949-1 Security update for openstack-cinder, openstack-nova, python-oslo.utils
This update for openstack-cinder, openstack-nova, python-oslo.utils contains the following fixes: Security fixes included on this update: openstack-cinder, openstack-nova: - CVE-2022-47951: Fixed file access control through custom VMDK flat descriptor. bsc1207321 Non-security changes included on...
FreeBSD : py-cinder -- unauthorized data access (a0509648-65ce-4a1b-855e-520a75bd2549)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a0509648-65ce-4a1b-855e-520a75bd2549 advisory. - An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform (openstack-nova) security update
An update for openstack-nova is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-cinder) security update
An update for openstack-cinder is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-glance) security update
An update for openstack-glance is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-glance) security update
An update for openstack-glance is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-nova) security update
An update for openstack-nova is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Ubuntu 18.04 LTS : Nova vulnerability (USN-5835-5)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5835-5 advisory. USN-5835-3 fixed vulnerabilities in Nova. This update provides the corresponding updates for Ubuntu 18.04 LTS. Tenable has extracted the preceding description blo...
Debian: Security Advisory (DSA-5336-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5337-1 : nova - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5337 advisory. Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute codenamed Nov...
Debian DSA-5336-1 : glance - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5336 advisory. - An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2,...
[SECURITY] [DSA 5336-1] glance security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5336-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2023 https://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-5835-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...