5 matches found
EUVD-2013-6274
Malware in sbrugna...
EUVD-2022-4777
Malicious code in bioql PyPI...
Authorization Bypass
openstack-foreman-installer is vulnerable to authorization bypass attacks. The vulnerability exists as the default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for...
foreman-installer: insecure defaults
The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for Qpid, which allows remote attackers to gain access by connecting to Qpid...
qpid-cpp: qpid authentication bypass
It was found that the Apache Qpid daemon qpidd treated AMQP connections with the federationtag attribute set as a broker-to-broker connection, rather than a client-to-server connection. This resulted in the source user ID of messages not being checked. A client that can establish an AMQP connecti...