7812 matches found
openstack-neutron: unrestricted creation of security groups
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-neutron) security update
An update for openstack-neutron is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (python-XStatic-Angular) security update
An update for python-XStatic-Angular is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
CVE-2022-47951
A flaw was found in OpenStack-nova, Openstack-glance, and Openstack-cinder. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized...
Denial Of Service (DoS)
openstack-neutron is vulnerable to Denial of Service (DoS) attacks. A remote authenticated user is able to cause uncontrolled resource consumption by submitting a significant number of requests, resulting in denial of service conditions...
Debian dla-3281 : python-swift - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3281 advisory. Debian LTS Advisory DLA-3281-1 [email protected] https://www.debian.org/lts/security/...
OpenStack Path Traversal Vulnerability
OpenStack is a cloud platform management program of the National Aeronautics and Space Administration (NASA). A security vulnerability exists in OpenStack Cinder, glance, and nova, which stems from the fact that by providing a specially created VMDK flat image that references the path to a specific...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (puppet) (RHSA-2022:8846)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8846 advisory. Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (numpy) (RHSA-2022:8852)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8852 advisory. A fast multidimensional array facility for Python. Security Fixes: NULL pointer dereference in numpy.sort in the PyArray_DescrNew due to missing...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (openstack-neutron) (RHSA-2022:8870)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8870 advisory. OpenStack Networking (neutron) is a virtual network service for OpenStack. Just as OpenStack Compute (nova) provides an API to dynamically request and...
RHEL 8 : Red Hat OpenStack 16.1.9 (openstack-tripleo-heat-templates) (RHSA-2022:8796)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8796 advisory. Heat templates for TripleO. Security Fixes: data leak of internal URL through keystone_authtoken (CVE-2021-4180). Other fixes: Before this update, NTP...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (python-ujson) (RHSA-2022:8850)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8850 advisory. UltraJSON is an ultra fast JSON encoder and decoder. Security Fixes: improper decoding of escaped surrogate characters may lead to string...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (protobuf) (RHSA-2022:8860)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8860 advisory. Security Fixes: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570). For more details about the security...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-django20) (RHSA-2022:8872)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8872 advisory. Security Fixes: SQL injection in QuerySet.annotate(), aggregate() and extra() (CVE-2022-28346). Possible XSS via '{% debug %}' template tag CVE-2022-228...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-oslo-utils) (RHSA-2022:8873)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8873 advisory. The OpenStack Oslo Utility library. Security Fixes: incorrect password masking in debug output (CVE-2022-0718). For more details about the security...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (erlang) (RHSA-2022:8857)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8857 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (rabbitmq-server) (RHSA-2022:8851)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8851 advisory. RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-ujson) (RHSA-2022:8864)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8864 advisory. UltraJSON is an ultra fast JSON encoder and decoder. Security Fixes: improper decoding of escaped surrogate characters may lead to string...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-scciclient) (RHSA-2022:8868)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8868 advisory. Python ServerView Common Command Interface (SCCI) Client Library. Security Fixes: missing server certificate verification (CVE-2022-2996). For more details...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (numpy) (RHSA-2022:8861)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8861 advisory. A fast multidimensional array facility for Python. Security Fixes: NULL pointer dereference in numpy.sort in the PyArray_DescrNew due to missing...