Lucene search
K

137 matches found

Chainguard
Chainguard
added 2026/06/23 8:17 a.m.13 views

GHSA-3J69-69WJ-XQX2 vulnerabilities

Vulnerabilities for packages: openstack-horizon-2025.1, openstack-glance-2026.1-fips, datahub-ingestion, openstack-horizon-2026.1-fips, openstack-keystone-2025.2-fips, openstack-glance-2025.2, openstack-glance-2025.2-fips, openstack-glance-2025.1-fips, openstack-horizon-2025.1-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

CVE-2026-54911 vulnerabilities

Vulnerabilities for packages: openstack-horizon-2025.1, openstack-glance-2026.1-fips, datahub-ingestion, openstack-horizon-2026.1-fips, openstack-keystone-2025.2-fips, openstack-glance-2025.2, openstack-glance-2025.2-fips, openstack-glance-2025.1-fips, openstack-horizon-2025.1-fips,...

6.5CVSS6.1AI score0.00272EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.21 views

GHSA-6V7P-G79W-8964 vulnerabilities

Vulnerabilities for packages: openstack-horizon-2025.1, datadog-agent, openstack-glance-2026.1-fips, request-1276, openstack-horizon-2026.1-fips, graalvm, nemo, superset, openstack-keystone-2025.2-fips, openstack-tempest-2026.1, openstack-glance-2025.2, openstack-glance-2025.2-fips,...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-55748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some...

6CVSS6.1AI score0.0019EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/18 8:48 a.m.9 views

CVE-2026-55748

A flaw was found in OpenStack Horizon. This vulnerability allows a highly privileged remote attacker, with user interaction, to craft a project name containing shell metacharacters. When scripts for OpenStack RC file downloading are produced, these metacharacters may be processed, potentially...

6CVSS5AI score0.0019EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/17 6:35 p.m.12 views

OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.3AI score0.0019EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/17 3:17 p.m.12 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS0.0019EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 3:17 p.m.7 views

UBUNTU-CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.8AI score0.0019EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/17 2:12 p.m.10 views

EUVD-2026-37723

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.4AI score0.0019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/17 2:12 p.m.8 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.3AI score0.0019EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/17 2:12 p.m.30 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS0.0019EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 2:12 p.m.16 views

CVE-2026-55748

OpenStack Horizon prior to 25.7.4 can generate scripts for downloading OpenStack RC files where a crafted project name containing shell metacharacters is possible. The description notes this as a security hardening opportunity rather than a vulnerability, and the CVSS 3.1 metrics indicate a MEDIU...

6CVSS5.4AI score0.0019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/06 8:20 a.m.9 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/05 6:33 p.m.18 views

OpenStack Horizon has Incorrect Behavior Order

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/05 6:33 p.m.8 views

EUVD-2026-27406

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.02864EPSS
Exploits0References3
OSV
OSV
added 2026/05/05 6:33 p.m.7 views

GHSA-VXVF-XVM3-P8J5 OpenStack Horizon has Incorrect Behavior Order

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/05 5:17 p.m.7 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References3
OSV
OSV
added 2026/05/05 5:17 p.m.17 views

UBUNTU-CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/05 12:0 a.m.7 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/05 12:0 a.m.35 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS0.00365EPSS
Exploits0References3
Rows per page
Query Builder