RHEL 8 : Red Hat OpenStack Platform 16.2.4 (python-django20) (RHSA-2022:8853)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8853 advisory. Security Fixes: Possible XSS via '% debug %' template tag CVE-2022-22818 Denial of service possibility in file uploads CVE-2022-23833 For mo...

RHEL 8 : Red Hat OpenStack Platform 16.2.4 (protobuf) (RHSA-2022:8847)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8847 advisory. Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. Google uses Protocol Buffers for almost all of its...

SUSE: Security Advisory (SUSE-SU-2023:0109-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : Red Hat OpenStack Platform 16.2.4 (puppet) (RHSA-2022:8846)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8846 advisory. Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate...

RHEL 8 : Red Hat OpenStack Platform 16.2.4 (numpy) (RHSA-2022:8852)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8852 advisory. A fast multidimensional array facility for Python Security Fixes: NULL pointer dereference in numpy.sort in the PyArrayDescrNew due to missing...

RHEL 8 : Red Hat OpenStack Platform 16.2.4 (openstack-neutron) (RHSA-2022:8855)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8855 advisory. OpenStack Networking neutron is a virtual network service for OpenStack. Just as OpenStack Compute nova provides an API to dynamically request and...

RHEL 8 : openstack-octavia (RHSA-2020:0721)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0721 advisory. The OpenStack Load Balancing service openstack-octavia provides a Load Balancing-as-a-Service LBaaS version 2 implementation for Red Hat OpenStack...

RHEL 8 : Red Hat OpenStack 16.2.4 (python-XStatic-Bootstrap-SCSS) (RHSA-2022:8848)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8848 advisory. Bootstrap style library packaged for setuptools easyinstall / pip. Security Fixes: XSS in the tooltip or popover data-template attribute CVE-2019-833...

RHEL 8 : Red Hat OpenStack Platform 16.2.4 (python-ujson) (RHSA-2022:8850)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8850 advisory. UltraJSON is an ultra fast JSON encoder and decoder Security Fixes: improper decoding of escaped surrogate characters may lead to string...

RHEL 8 : Red Hat OpenStack Platform 16.1.9 (openstack-barbican) (RHSA-2022:8874)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8874 advisory. Barbican is a REST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Securit...

RHEL 8 : Red Hat OpenStack Platform 16.2.4 (rabbitmq-server) (RHSA-2022:8851)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8851 advisory. RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and...

RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-django20) (RHSA-2022:8872)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8872 advisory. Security Fixes: SQL injection in QuerySet.annotate aggregate and extra CVE-2022-28346 Possible XSS via '% debug %' template tag CVE-2022-228...

RHEL 8 : Red Hat OpenStack 16.1.9 (openstack-tripleo-heat-templates) (RHSA-2022:8796)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8796 advisory. Heat templates for TripleO Security Fixes: data leak of internal URL through keystoneauthtoken CVE-2021-4180 Other fixes: Before this update, NTP...

RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-ujson) (RHSA-2022:8864)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8864 advisory. UltraJSON is an ultra fast JSON encoder and decoder Security Fixes: improper decoding of escaped surrogate characters may lead to string...

RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-oslo-utils) (RHSA-2022:8873)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8873 advisory. The OpenStack Oslo Utility library. Security Fixes: incorrect password masking in debug output CVE-2022-0718 For more details about the security...

RHEL 8 : Red Hat OpenStack Platform 16.1.9 (puppet-firewall) (RHSA-2022:8869)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8869 advisory. Manages Firewalls such as iptables Security Fixes: unmanaged rules could leave system in an unsafe state via duplicate comment CVE-2022-0675 For more...

SUSE: Security Advisory (SUSE-SU-2023:0101-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-274C-RX2J-2V3X OpenStack Swift XML external entities (XXE) Injection

An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data...

OpenStack Swift XML external entities (XXE) Injection

An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data...

CVE-2022-47950

An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data...