SUSE: Security Advisory (SUSE-SU-2022:4240-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-4134

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images. Mitigation There are two options: 1. Manually disable the showmultiplelocations configuration...

CVE-2022-3261

A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem...

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. OpenStack has a security vulnerability that stems from plain text passwords being saved in /var/log/messages...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (openvswitch2.11) security update

An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

GHSA-5PJ3-6FQM-8M7M OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

Design/Logic Flaw

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack Sushy-Tools 0.21.0 and earlier and VirtualBMC 2.2.2 and earlier, which stems from the fact that changing the boot device configuration with thes...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

CVE-2022-44020 affects OpenStack Sushy-Tools up to 0.21.0 and VirtualBMC up to 2.2.2. The issue occurs when changing the boot device configuration, which removes password protection from the managed libvirt XML domain. This risk is disclosed as affecting an "unsupported, production-like configura...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

PT-2022-27083 · Openstack · Openstack Sushy-Tools

Name of the Vulnerable Software and Affected Versions: OpenStack Sushy-Tools versions 0.21.0 and earlier VirtualBMC versions 2.2.2 and earlier Description: An issue was discovered where changing the boot device configuration with the affected packages removes password protection from the managed...

RHEL 7 / 8 / 9 : Red Hat OpenStack Platform (puppet-mysql) (RHSA-2022:7238)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7238 advisory. Installs, configures, and manages the MySQL service. Security Fixes: Command Injection in the puppetlabs-mysql module CVE-2022-3276 For more...

SUSE: Security Advisory (SUSE-SU-2022:3791-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3801-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3804-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform (puppet-mysql) security update

An update for puppet-mysql is now available for Red Hat OpenStack Platform 13.0 Queens, 16.1 Train, 16.2 Train and 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...