CVE-2024-28717

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

CVE-2024-28716

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

PT-2024-22536 · Openstack · Openstack Storlets

Name of the Vulnerable Software and Affected Versions: OpenStack Storlets yoga-eom affected versions not specified Description: An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. Recommendations: At the moment, there is no...

Time-of-check Time-of-use (TOCTOU) Attack

OpenStack Storlets is vulnerable to Time-of-check Time-of-use TOCTOU Attack. The vulnerability is caused due to a lack of strict permission checks and restriction, leading to improper permission settings on file creation. This allows an attacker to gain unauthorized access to or modify sensitive...

PT-2024-22537 · Openstack · Openstack Storlets

Name of the Vulnerable Software and Affected Versions: OpenStack Storlets version yoga-eom Description: The issue allows a remote attacker to execute arbitrary code via the gateway.py component. Recommendations: For OpenStack Storlets version yoga-eom, at the moment, there is no information about...

OpenStack Storlets 安全漏洞

OpenStack Storlets is an Openstack Swift extension to OpenStack open source. A security vulnerability exists in OpenStack Storlets. A remote attacker can exploit this vulnerability to execute arbitrary code via the gateway.py component...