RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2022:6061)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6061 advisory. The etcd packages provide a highly available key-value store for shared configuration. Security Fixes: golang: compress/gzip: stack exhausti...

RHEL 8 : Red Hat OpenStack Platform 16.1 (collectd-libpod-stats) (RHSA-2022:6065)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6065 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: golang: compress/gzip: stack...

RHEL 8 : Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) (RHSA-2022:6062)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6062 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: golang: compress/gzip: stack...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.4 security update

An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.3 security update

An update is now available for Service Telemetry Framework 1.3 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

RHEL 8 : Red Hat OpenStack Platform 16.2 (puppet-firewall) (RHSA-2022:5116)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:5116 advisory. Manages Firewalls such as iptables Security Fixes: unmanaged rules could leave system in an unsafe state via duplicate comment CVE-2022-0675 For more...

GHSA-QCJ3-H27M-MP9X Openstack Octavia allows Insertion of Sensitive Information into Log File

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...

Openstack Octavia allows Insertion of Sensitive Information into Log File

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:1646)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1646 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail...

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-twisted) (RHSA-2022:1645)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1645 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail...

barbican 授权问题漏洞

barbican is an OpenStack key management service, API server. An authorization issue vulnerability exists in barbican due to a lack of authorization checks. A remote user with the administrator role could add secrets to different project containers. The vulnerability allows an attacker on a networ...

RHEL 7 : Red Hat OpenStack Platform 13.0 (python-waitress) (RHSA-2022:1264)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1264 advisory. Pure-python WSGI server Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' CVE-2022-24761 For more details about t...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (python-waitress) security update

An update for python-waitress is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-waitress) security update

An update for python-waitress is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-waitress) (RHSA-2022:1253)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1253 advisory. Pure-python WSGI server Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' CVE-2022-24761 For more details about t...

RHEL 8 : Red Hat OpenStack Platform 16.1 (numpy) (RHSA-2022:0987)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0987 advisory. A fast multidimensional array facility for Python Security Fixes: buffer overflow in the PyArrayNewFromDescrint in ctors.c CVE-2021-33430...

RHEL 8 : Red Hat OpenStack Platform 16.1 (golang-qpid-apache) (RHSA-2022:0989)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:0989 advisory. Golang binding library for qpid-proton Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet...

RHEL 8 : Red Hat OpenStack Platform 16.1 (openstack-neutron) (RHSA-2022:0990)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0990 advisory. OpenStack Networking neutron is a virtual network service for OpenStack. Just as OpenStack Compute nova provides an API to dynamically request and...

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:0982)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0982 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat...

RHEL 8 : Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) (RHSA-2022:0988)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0988 advisory. Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 golang:...