CVE-2024-4436 Etcd: incomplete fix for cve-2022-41723 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

CVE-2024-4436 Etcd: incomplete fix for cve-2022-41723 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

PT-2024-31140 · Red Hat · Red Hat Openstack Platform 16.1 +3

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

PT-2024-31138 · Red Hat · Red Hat +1

Name of the Vulnerable Software and Affected Versions: Red Hat OpenStack platform affected versions not specified Description: The issue arises from the etcd package in the Red Hat OpenStack platform using http://golang.org/x/net/http2 instead of the version provided by Red Hat Enterprise Linux...

PT-2024-31139 · Red Hat · Red Hat +1

Name of the Vulnerable Software and Affected Versions: Red Hat OpenStack platform affected versions not specified Description: The issue arises from the etcd package in the Red Hat OpenStack platform using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux...

CVE-2024-4438

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

CVE-2024-4437

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

CVE-2024-4436

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

Red Hat OpenStack Platform 安全漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, an American company. A security vulnerability exists in Red Hat OpenStack Platform that stems from the presence of uncontrolled resource consumption. The following versions are affected: version 16.1, 16.2, and 17.1...

Red Hat OpenStack Platform 资源管理错误漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, Inc. A resource management error vulnerability exists in Red Hat OpenStack Platform versions 16.1 and 16.2, which stems from the presence of uncontrolled resource consumption...

Red Hat OpenStack Platform 资源管理错误漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, Inc. A resource management error vulnerability exists in Red Hat OpenStack Platform versions 16.1 and 16.2, which stems from the presence of uncontrolled resource consumption...

CVE-2024-28716

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack that stems from allowing remote attackers to execute arbitrary code via the gateway.py component...

CVE-2024-28716

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

PT-2024-22536 · Openstack · Openstack Storlets

Name of the Vulnerable Software and Affected Versions: OpenStack Storlets yoga-eom affected versions not specified Description: An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. Recommendations: At the moment, there is no...

CVE-2024-28716

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

CVE-2024-28716

CVE-2024-28716 affects OpenStack Storlets yoga-eom and enables remote code execution via gateway.py. The CVSS v3.1 base score is 7.5 (HIGH); attack vector NETWORK, complexity LOW, privileges NONE, no user interaction. Several connected sources (NVD, Red Hat, CVE catalogs, PT Security) confirm the...

RHEL 8 : Red Hat OpenStack Platform 17.1 (GitPython) (RHSA-2024:0190)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0190 advisory. GitPython is a python library used to interact with Git repositories. Security Fixes: Blind local file inclusion CVE-2023-41040 For more details abou...

RHEL 8 : Red Hat OpenStack Platform 16.2 (openstack-neutron) (RHSA-2023:4283)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4283 advisory. OpenStack Networking neutron is a virtual network service for OpenStack. Just as OpenStack Compute nova provides an API to dynamically request and...

RHEL 9 : Red Hat OpenStack Platform 17.0 (python-flask) (RHSA-2023:3440)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3440 advisory. Flask is called a micro-framework because the idea to keep the core simple but extensible. There is no database abstraction layer, no form validation...