7 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-4972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient...
CVE-2016-4972
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
DEBIAN-CVE-2016-4972
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
CVE-2016-4972
CVE-2016-4972 – OpenStack Murano YAML loader misuse leading to RCE . Affected: OpenStack Murano (pre-1.0.3, Liberty) and Murano 2.x before 2.0.1 (Mitaka); Murano-dashboard before 1.0.3 and 2.x before 2.0.1; python-muranoclient before 0.7.3 (Liberty) and 0.8.x before 0.8.5 (Mitaka). Detail: Murano...
CVE-2016-4972
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
Arbitrary Code Execution Vulnerability in Multiple Openstack Products
OpenStack is a cloud platform management project developed by the National Aeronautics and Space Administration and Rackspace.Openstack Murano is an application catalog management project.Murano-muranoclient is a client library for building Murano APIs. Openstack Murano is an application catalog...
karbor-dashboard (>=1.4.0 <=1.5.1), murano-dashboard (>=6.0.0 <=8.0.0.0rc2) potentially affected by CVE-2012-3540 via horizon (=20.2.0)
horizon PYPI version =20.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - karbor-dashboard =1.4.0, =6.0.0, =8.0.0.0rc2 Source cves: CVE-2012-3540 Source advisory: OSV:PYSEC-2012-18...