PT-2024-8621 · Openstack +4 · Openstack +4

Name of the Vulnerable Software and Affected Versions: OpenStack affected versions not specified Description: A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in its scope, it deletes other existing access rules which are not associated with any application...

[SECURITY] [DLA 3713-1] subunit bugfix update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3713-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès January 21, 2024 https://wiki.debian.org/LTS -...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update

An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (GitPython) security update

An update for GitPython is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack/kolla: sudo privilege escalation vulnerability

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

An update for python-eventlet is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-urllib3) security update

An update for python-urllib3 is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (rabbitmq-server) security update

An update for rabbitmq-server is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

An update for python-eventlet is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update

An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

openstack/kolla: sudo privilege escalation vulnerability

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-django) security update

An update for python-django is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-werkzeug) security update

An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 9 : Red Hat OpenStack Platform 17.1 (GitPython) (RHSA-2024:0215)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0215 advisory. GitPython is a python library used to interact with Git repositories. Security Fixes: Blind local file inclusion CVE-2023-41040 For more details abou...

RHEL 9 : Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) (RHSA-2024:0216)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0216 advisory. This update affects a Python library for code used by TripleO projects. Security Fixes: sudo privilege escalation vulnerability CVE-2022-38060 For mo...

RHEL 9 : Red Hat OpenStack Platform 17.1 (rabbitmq-server) (RHSA-2024:0217)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0217 advisory. RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-eventlet) (RHSA-2024:0213)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0213 advisory. Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining high...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-django) (RHSA-2024:0212)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0212 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...

Incorrect Authorization

openstack-keystone is vulnerable to Incorrect Authorization. The vulnerability is caused due to a flaw where only the first 72 characters of an application secret are verified. This allows attackers to bypass some password complexity which administrators may be counting on leading to compromising...

[SECURITY] [DLA 3678-1] horizon security update - CORRECTED ANNOUNCEMENT

Debian LTS Advisory DLA-3678-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 30, 2023 https://wiki.debian.org/LTS Package : horizon Version : 3:14.0.2-3+deb10u3 CVE ID : CVE-2022-45582 NB: The original message sent included the wrong DLA reference ID. Th...