3 matches found
RHEL 7 : python-novajoin (RHSA-2019:1728)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1728 advisory. This Python package provides a dynamic vendordata plugin for the OpenStack nova metadata service to manage host instantiation in an IPA server...
CVE-2019-10138
The CVE-2019-10138 issue affects the python-novajoin plugin used by Red Hat OpenStack Platform (all versions up to 1.1.1). The root cause is insufficient access control in the novajoin API, enabling any keystone-authenticated user to generate FreeIPA tokens. This leads to unauthorized token gener...
Moderate: Red Hat Security Advisory: python-novajoin security and bug fix update
An update for python-novajoin is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...