7742 matches found
CVE-2024-8007
A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...
CVE-2024-8007
A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...
CVE-2024-8007 Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors
A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...
CVE-2024-8007
CVE-2024-8007 affects the Red Hat OpenStack Platform (RHOSP) 17.1.x Director component, specifically the openstack-tripleo-common module used by the director. The vulnerability arises from disabling TLS certificate verification for registry mirrors, which can allow an attacker to deploy potential...
CVE-2024-8007 Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors
A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...
[SECURITY] [DSA 5756-1] nova security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5756-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5755-1] glance security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5755-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5754-1] cinder security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5754-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...
PT-2024-38750 · Red Hat · Red Hat Openstack Platform
Name of the Vulnerable Software and Affected Versions: Red Hat OpenStack Platform RHOSP director versions 16.1 through 17.1 Description: A flaw was found in the Red Hat OpenStack Platform RHOSP director, allowing an attacker to deploy potentially compromised container images via disabling TLS...
Debian dsa-5755 : glance - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5755 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5755-1 [email protected] https://www.debian.org/security/ Moritz...
Debian dsa-5754 : cinder-api - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5754 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5754-1 [email protected] https://www.debian.org/security/ Moritz...
Debian dsa-5756 : nova-api - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5756 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5756-1 [email protected] https://www.debian.org/security/ Moritz...
Red Hat OpenStack Platform 信任管理问题漏洞
Red Hat OpenStack Platform is a cloud computing management platform from Red Hat USA. Red Hat OpenStack Platform suffers from a trust management issue vulnerability that originates from allowing an attacker to deploy potentially compromised container images by disabling TLS certificate validation...
Low: cups
Issue Overview: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with...
openstack-nova: Regression VMDK/qcow arbitrary file access
An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (openstack-nova) security update
An update for openstack-nova is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (openstack-nova) (RHSA-2024:5113)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5113 advisory. OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines,creating a redundant and...
openstack-nova: Regression VMDK/qcow arbitrary file access
An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.6 security update
Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 16.2 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Important. Red Hat OpenStack Platform provides the facilities for building,...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.3 security update
Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 17.1 Wallaby for Red Hat Enterprise Linux RHEL 9.2. Red Hat Product Security has rated this update as having a security impact of Important. Red Hat OpenStack Platform provides the facilities for buildin...