21 matches found

OSV
added 2026/04/22 6:4 p.m., 7 views

USN-8199-1 glance vulnerabilities

Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2024-32498 Hyeongeun Ji and Abhishek Keka...

CVSS 7.1 | AI score 5.8 | EPSS 0.00835
Exploits: 1 | References: 3

Ubuntu
added 2026/04/22 6:4 p.m., 13 views

USN-8199-1: OpenStack Glance vulnerabilities

Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2024-32498 Hyeongeun Ji and Abhishek Keka...

CVSS 7.1 | AI score 5.9 | EPSS 0.00835
Exploits: 1

Tenable Nessus
added 2024/09/05 12:0 a.m., 20 views

Debian dla-3870 : python-oslo.utils-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3870 advisory. Debian LTS Advisory DLA-3870-1 [email protected] https://www.debian.org/lts/security/...

CVSS 6.5 | AI score 6.6 | EPSS 0.00835
Exploits: 0 | References: 4

Tenable Nessus
added 2024/09/05 12:0 a.m., 21 views

Debian dla-3871 : cinder-api - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3871 advisory. Debian LTS Advisory DLA-3871-1 [email protected]...

CVSS 6.5 | AI score 7 | EPSS 0.01198
Exploits: 0 | References: 6

Debian
added 2024/09/04 10:35 p.m., 12 views

[SECURITY] [DLA 3873-1] nova security update

Debian LTS Advisory DLA-3873-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS ...

CVSS 6.5 | AI score 6.9 | EPSS 0.00941
Exploits: 1

Debian
added 2024/09/04 10:34 p.m., 11 views

[SECURITY] [DLA 3872-1] glance security update

Debian LTS Advisory DLA-3872-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00835
Exploits: 0

Debian
added 2024/09/04 10:33 p.m., 15 views

[SECURITY] [DLA 3870-1] python-oslo.utils new upstream release

Debian LTS Advisory DLA-3870-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00835
Exploits: 0

OpenVAS
added 2024/08/22 12:0 a.m., 12 views

Debian: Security Advisory (DSA-5756-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 6.6 | EPSS 0.00835
Exploits: 0 | References: 2

OpenVAS
added 2024/08/22 12:0 a.m., 16 views

Debian: Security Advisory (DSA-5754-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 6.6 | EPSS 0.00835
Exploits: 0 | References: 2

Debian
added 2024/08/21 11:8 a.m., 14 views

[SECURITY] [DSA 5755-1] glance security update

Debian Security Advisory DSA-5755-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00835
Exploits: 0

Tenable Nessus
added 2024/08/21 12:0 a.m., 11 views

Debian dsa-5755 : glance - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5755 advisory. Debian Security Advisory DSA-5755-1 [email protected] https://www.debian.org/security/ Moritz...

CVSS 6.5 | AI score 6.8 | EPSS 0.00835
Exploits: 0 | References: 4

Github Security Blog
added 2024/07/24 6:31 a.m., 23 views

OpenStack Nova vulnerable to unauthorized access to potentially sensitive data

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...

CVSS 6.5 | AI score 6.4 | EPSS 0.00941
Exploits: 1 | References: 8 | Affected Software: 1

RedHat Linux
added 2024/07/09 12:14 p.m., 28 views

Critical: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 security update

An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 6.5 | AI score 6.7 | EPSS 0.00835
Exploits: 0 | References: 2

OpenVAS
added 2024/07/09 12:0 a.m., 19 views

Ubuntu: Security Advisory (USN-6883-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 7.1 | EPSS 0.00835
Exploits: 0 | References: 2

vulnersOsv
added 2024/07/05 3:30 a.m., 4 views

cinderlib (>=2.1.0 <=5.2.0), cinderlib-csi (=0.0.2) +1 more potentially affected by CVE-2024-32498 via cinder (>=16.4.2 <=23.5.0)

cinder PYPI version =16.4.2, =2.1.0, =0.9.0, =0.9.1 Source cves: CVE-2024-32498 Source advisory: OSV:GHSA-R4V4-W9PV-6FPH...

CVSS 6.5 | AI score 6.7 | EPSS 0.00835
Exploits: 0

Debian CVE
added 2024/07/05 12:0 a.m., 17 views

CVE-2024-32498

An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...

CVSS 6.5 | AI score 6.4 | EPSS 0.00835
Exploits: 0

RedHat Linux
added 2024/07/02 4:47 p.m., 30 views

Critical: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.6 security update

An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 6.5 | AI score 6.7 | EPSS 0.00835
Exploits: 0 | References: 2

RedHat Linux
added 2024/07/02 4:45 p.m., 32 views

Critical: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.3 security update

An update for openstack-nova, openstack-glance, and openstack-cinder is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 6.5 | AI score 6.7 | EPSS 0.00835
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/02 12:0 a.m., 31 views

RHEL 8 : Red Hat OpenStack Platform 17.1.3 (openstack-nova) (RHSA-2024:4274)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4274 advisory. OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and...

CVSS 6.5 | AI score 6.6 | EPSS 0.00835
Exploits: 0 | References: 5

Tenable Nessus
added 2024/07/02 12:0 a.m., 28 views

RHEL 8 : Red Hat OpenStack Platform 16.2.6 (RHSA-2024:4273)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4273 advisory. Cinder is the replacement of nova-volume in Folsom and beyond, used for block storage. OpenStack Image Service code-named Glance provides...

CVSS 6.5 | AI score 6.6 | EPSS 0.00835
Exploits: 0 | References: 5