EUVD-2022-3861

Malicious code in bioql PyPI...

EUVD-2022-3382

Malicious code in bioql PyPI...

[SECURITY] [DSA 5754-1] cinder security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5754-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Cinder vulnerability (USN-6882-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6882-1 advisory. Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Cinder vulnerability (USN-6073-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6073-1 advisory. Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker cou...

USN-5835-4 cinder vulnerability

USN-5835-1 fixed vulnerabilities in Cinder. This update provides the corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was fixed for Ubuntu 20.04 LTS. Original advisory details: Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectl...

USN-5835-1 cinder vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information...

Ubuntu 20.04 LTS / 22.04 LTS : Cinder vulnerability (USN-5835-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5835-1 advisory. Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated...

GHSA-9HCJ-H2QC-689P OpenStack Cinder file disclosure in image convert

OpenStack Cinder before 2014.1.5 icehouse, 2014.2.x before 2014.2.4 juno, and 2015.1.x before 2015.1.1 kilo allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command...

SUSE-SU-2019:0716-1 Security update for openstack-cinder, openstack-horizon-plugin-designate-ui, openstack-neutron, openstack-neutron-lbaas

This update for openstack-cinder, openstack-horizon-plugin-designate-ui, openstack-neutron, openstack-neutron-lbaas fixes the following issues: Security vulnerabity fixed in openstack-cinder: - CVE-2017-15139: Fixed a leakage of sensitive information between tenants in certain storage volume...