RHEL 9 : Red Hat OpenStack Platform 17.1 (collectd-sensubility) (RHSA-2024:2730)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2730 advisory. This project aims to provide the possibility to switch from Sensu-based availability monitoring solution to a monitoring solution based on...

RHEL 9 : Red Hat OpenStack Platform 17.1 (etcd) (RHSA-2024:2729)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2729 advisory. A highly-available key value store for shared configuration Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-openstackclient) (RHSA-2024:2737)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2737 advisory. python-openstackclient is a unified command-line client for the OpenStack APIs. It is a thin wrapper to the stock python-client modules that implemen...

RHEL 8 : Red Hat OpenStack Platform 17.1 (python-urllib3) (RHSA-2024:2734)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2734 advisory. Python HTTP module with connection pooling and file POST abilities. Security Fixes: Request body not stripped after redirect from 303 status changes...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-paramiko) (RHSA-2024:2735)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2735 advisory. Paramiko a combination of the esperanto words for paranoid and friend is a module for python 2.3 or greater that implements the SSH2 protocol for...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-gunicorn) (RHSA-2024:2727)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2727 advisory. Gunicorn Green Unicorn is a Python WSGI HTTP server for UNIX Security Fixes: HTTP Request Smuggling due to improper validation of Transfer-Encoding...

RHEL 8 : Red Hat OpenStack Platform 17.1 (tripleo-ansible and openstack-tripleo-heat-templates) (RHSA-2024:2770)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2770 advisory. Heat templates for TripleO TripleO Ansible project repository. Contains playbooks for use with TripleO OpenStack deployments. https://opendev.org...

CVE-2024-4840 Rhosp-director: cleartext passwords exposed in logs

An flaw was found in the OpenStack Platform RHOSP director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs...

CVE-2024-4840 Rhosp-director: cleartext passwords exposed in logs

An flaw was found in the OpenStack Platform RHOSP director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs...

PT-2024-33096 · Red Hat · Openstack Platform Director

Name of the Vulnerable Software and Affected Versions: OpenStack Platform RHOSP director affected versions not specified Description: A flaw in the OpenStack Platform director allows plaintext passwords to be stored in log files. This can expose sensitive information to anyone with access to the...

CVE-2024-4438 Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

PT-2024-31140 · Red Hat · Red Hat Openstack Platform 16.1 +3

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

Red Hat OpenStack Platform 安全漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, an American company. A security vulnerability exists in Red Hat OpenStack Platform that stems from the presence of uncontrolled resource consumption. The following versions are affected: version 16.1, 16.2, and 17.1...

Red Hat OpenStack Platform 资源管理错误漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, Inc. A resource management error vulnerability exists in Red Hat OpenStack Platform versions 16.1 and 16.2, which stems from the presence of uncontrolled resource consumption...

RHEL 7 / 8 : Red Hat OpenStack Platform (python-werkzeug) (RHSA-2023:1281)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1281 advisory. Werkzeug started as simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility modules. It...

RHEL 9 : Red Hat OpenStack Platform 17.0 (etcd) (RHSA-2023:3441)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3441 advisory. A highly-available key value store for shared configuration Security Fixes: Information discosure via debug function CVE-2021-28235 Key name...

RHEL 9 : Red Hat OpenStack Platform 17.0 (python-scciclient) (RHSA-2023:0276)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0276 advisory. Python ServerView Common Command Interface SCCI Client Library Security Fixes: missing server certificate verification CVE-2022-2996 For more details...

RHEL 9 : Red Hat OpenStack Platform 17.1.1 (python-gevent) (RHSA-2023:7438)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:7438 advisory. gevent is a coroutine-based Python networking library that uses greenlet to provide a high-level synchronous API on top of libevent event loop...

RHEL 8 : Red Hat OpenStack Platform (collectd-libpod-stats) (RHSA-2023:1276)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1276 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: net/http: An attacker can...

RHEL 8 : Red Hat OpenStack Platform 16.2 (RHSA-2023:3158)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3158 advisory. Security Fixes: EMBARGOED CVE-2023-2088 openstack-cinder: silently access other user's volumes CVE-2023-2088 For more details about the security...