RHEL 9 : Red Hat OpenStack Platform 17.1.3 (RHSA-2024:5083)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5083 advisory. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud...

RHEL 8 : Red Hat OpenStack Platform 16.2.6 (RHSA-2024:5097)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5097 advisory. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud...

openstack-heat may disclose sensitive information

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

GHSA-2FQR-CX7Q-3PH8 openstack-heat may disclose sensitive information

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

DEBIAN-CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

UBUNTU-CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

CVE-2024-7319 arises from an incomplete fix for CVE-2023-1625 in OpenStack Heat. The vulnerability could allow sensitive information to be disclosed via the OpenStack stack abandon command when the hidden feature remains enabled, even if the CVE-2023-1625 fix is applied. The connected documents c...

CVE-2024-7319 Openstack-heat: incomplete fix for cve-2023-1625

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319 Openstack-heat: incomplete fix for cve-2023-1625

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

PT-2024-38264 · Openstack +1 · Openstack +1

Name of the Vulnerable Software and Affected Versions: OpenStack versions 16.1 through 17.0 Description: A vulnerability in the stack abandon command could expose sensitive information. Recommendations: For versions 16.1 through 17.0, upgrade to version 22.0.2 to maintain data security...

CVE-2024-41961

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

Elektra 安全漏洞

Elektra is an Openstack dashboard open-sourced by SAP Converged Cloud. Making Openstack more accessible to users. A security vulnerability exists in Elektra that stems from the presence of a code injection vulnerability that allows an authenticated user to craft search terms containing Ruby code ...

OpenStack Heat 信息泄露漏洞

OpenStack Heat is an OpenStack open source service. Composite cloud applications are orchestrated using a declarative template format via the OpenStack native REST API. A security vulnerability exists in OpenStack Heat that stems from the presence of sensitive information disclosure issues...