7801 matches found
PT-2024-33096 · Red Hat · Openstack Platform Director
Name of the Vulnerable Software and Affected Versions: OpenStack Platform RHOSP director affected versions not specified Description: A flaw in the OpenStack Platform director allows plaintext passwords to be stored in log files. This can expose sensitive information to anyone with access to the...
RHEL 6 : openstack-heat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-heat: Template source URL allows network port scan CVE-2016-9185 Note that Nessus has not tested for this...
RHEL 6 : openstack-glance (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-glance: API v1 copyfrom reveals network details CVE-2017-7200 - A vulnerability was found in...
RHEL 6 : openstack-neutron (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-neutron: MAC source address spoofing vulnerability CVE-2016-5363 - The IPTables firewall in...
CVE-2024-4437
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4438
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...
CVE-2024-4436
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4438
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...
CVE-2024-4437
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4436
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4438 Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...
CVE-2024-4438
Technical details about CVE-2024-4438 are not provided in the supplied documents. The entry only states an incomplete fix related to CVE-2023-39325/CVE-2023-44487 in etcd within Red Hat OpenStack; no affected products, versions, or fixes are specified. Monitor for updates.
CVE-2024-4438 Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...
CVE-2024-4437 Etcd: incomplete fix for cve-2021-44716 in openstack platform
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4437
CVE-2024-4437 concerns the etcd package in the Red Hat OpenStack Platform with an incomplete fix for CVE-2021-44716. The root cause, as stated, is that the etcd package uses http://golang.org/x/net/http2 instead of the Red Hat Enterprise Linux-provided version, requiring a compile-time update rat...
CVE-2024-4437 Etcd: incomplete fix for cve-2021-44716 in openstack platform
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4436 Etcd: incomplete fix for cve-2022-41723 in openstack platform
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4436 Etcd: incomplete fix for cve-2022-41723 in openstack platform
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...
CVE-2024-4436
The CVE-2024-4436 entry notes an incomplete fix for CVE-2022-41723 in the Red Hat OpenStack platform’s etcd package. The underlying issue is that the etcd package uses http://golang.org/x/net/http2 instead of the Red Hat Enterprise Linux-provided http2, meaning the fix should be applied at compil...
PT-2024-31138 · Red Hat · Red Hat +1
Name of the Vulnerable Software and Affected Versions: Red Hat OpenStack platform affected versions not specified Description: The issue arises from the etcd package in the Red Hat OpenStack platform using http://golang.org/x/net/http2 instead of the version provided by Red Hat Enterprise Linux...