7 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-4972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient...
CVE-2016-4972
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
DEBIAN-CVE-2016-4972
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
CVE-2016-4972
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
CVE-2016-4972
CVE-2016-4972 – OpenStack Murano YAML loader misuse leading to RCE. Affected: OpenStack Murano (pre-1.0.3, Liberty) and Murano 2.x before 2.0.1 (Mitaka); Murano-dashboard before 1.0.3 and 2.x before 2.0.1; python-muranoclient before 0.7.3 (Liberty) and 0.8.x before 0.8.5 (Mitaka). Detail: Murano...
Arbitrary Code Execution Vulnerability in Multiple OpenStack Products
OpenStack is a cloud platform management project developed by the National Aeronautics and Space Administration and Rackspace. OpenStack Murano is an application catalog management project. Murano-muranoclient is a client library for building Murano APIs. OpenStack Murano is an application catalog...
karbor-dashboard (>=1.4.0 <=1.5.1), murano-dashboard (>=6.0.0 <=8.0.0.0rc2) potentially affected by CVE-2012-3540 via horizon (=20.2.0)
horizon PyPI version =20.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - karbor-dashboard >=1.4.0, <=1.5.1 - murano-dashboard >=6.0.0, <=8.0.0.0rc2 Source CVEs: CVE-2012-3540 Source advisory: OSV:PYSEC-2012-18...