Red Hat OpenStack Platform 安全漏洞

Red Hat OpenStack Platform is a cloud computing management platform from the US-based Red Hat, Inc. Red Hat OpenStack Platform suffers from a security vulnerability that stems from the fact that it only validates the first 72 characters of an application key allowing an attacker to bypass some of...

PT-2022-10474 · Openstack · Openstack-Tripleo-Heat-Templates

Name of the Vulnerable Software and Affected Versions: openstack-tripleo-heat-templates affected versions not specified Description: A flaw was found in openstack-tripleo-heat-templates where plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager...

SUSE: Security Advisory (SUSE-SU-2022:2898-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openstack-tripleo-heat-templates 安全漏洞

openstack-tripleo-heat-templates is a set of templates and tools for building Heat templates for OpenStack deployment. A security vulnerability exists in openstack-tripleo-heat-templates that stems from the presence of plain passwords from RHSM in its logs during the deployment of OSP13 using...

PT-2022-10472

Name of the Vulnerable Software and Affected Versions openstack-keystone affected versions not specified Description A flaw was found in openstack-keystone, where only the first 72 characters of an application secret are verified. This allows attackers to bypass some password complexity that...

SUSE: Security Advisory (SUSE-SU-2022:2899-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2846-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2819-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2811-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

RHEL 8 : Red Hat OpenStack Platform 16.1 (etcd) (RHSA-2022:6066)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6066 advisory. The etcd packages provide a highly available key-value store for shared configuration. Security Fixes: golang: compress/gzip: stack exhausti...

RHEL 8 : Red Hat OpenStack Platform 16.1 (collectd-libpod-stats) (RHSA-2022:6065)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6065 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: golang: compress/gzip: stack...

RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2022:6061)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6061 advisory. The etcd packages provide a highly available key-value store for shared configuration. Security Fixes: golang: compress/gzip: stack exhausti...

RHEL 8 : Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) (RHSA-2022:6062)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6062 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: golang: compress/gzip: stack...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

The vulnerability of the Jenkins Openstack Heat Plugin is related to deficiencies in the authentication process, allowing attackers to replace the URL address.

The vulnerability of the Jenkins Openstack Heat Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to remotely replace the URL address...

The vulnerability of the Jenkins Openstack Heat Plugin, related to deficiencies in the authentication process, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Openstack Heat Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...