The vulnerability of the Jenkins Openstack Heat Plugin, related to deficiencies in the authentication process, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Openstack Heat Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Jenkins Openstack Heat Plugin, related to the manipulation of cross-site requests, allows a attacker to perform a CSRF attack.

The vulnerability of the Jenkins Openstack Heat Plugin is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.4 security update

An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.3 security update

An update is now available for Service Telemetry Framework 1.3 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

GHSA-V725-C588-H936 OpenStack Nova Changing vnic_type breaks compute service restart

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

OpenStack Nova Changing vnic_type breaks compute service restart

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

Design/Logic Flaw

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

UBUNTU-CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

CVE-2022-37394

CVE-2022-37394 (OpenStack Nova) : An issue in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2 allows an authenticated user to cause a compute service denial of service. The attack sequence is: create a Neutron port with the direct vnic_type, create an instance bound to th...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

CVE-2022-37394

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compu...

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA of the U.S. OpenStack Nova is one of the cloud computing construct controllers written in Python and is part of the IaaS system. A security vulnerability exists in OpenStack Nova versions...

PT-2022-23970 · Openstack +4 · Openstack Nova +4

Name of the Vulnerable Software and Affected Versions: OpenStack Nova versions prior to 23.2.2 OpenStack Nova versions 24.x prior to 24.1.2 OpenStack Nova versions 25.x prior to 25.0.2 Description: An issue was discovered in OpenStack Nova where an authenticated user may cause the compute service...

A flaw was found in Openstack manilla owning a Ceph File system "share" which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.

...

SUSE: Security Advisory (SUSE-SU-2022:2598-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for gotun (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...