31 matches found
PT-2026-3233
Name of the Vulnerable Software and Affected Versions OpenStack affected versions not specified Description An issue exists in OpenStack’s keystonemiddleware component that could allow for privilege escalation or impersonation. An authenticated attacker may be able to elevate their privileges or...
EUVD-2021-26893
Malware in sbrugna...
EUVD-2013-1108
Malware in sbrugna...
EUVD-2017-17149
Malware in sbrugna...
EUVD-2017-0145
Malware in sbrugna...
EUVD-2023-2450
Malicious code in bioql PyPI...
EUVD-2022-2621
Malicious code in bioql PyPI...
EUVD-2022-3595
Malicious code in bioql PyPI...
EUVD-2022-1885
Malicious code in bioql PyPI...
EUVD-2022-15759
Malicious code in bioql PyPI...
EUVD-2022-5126
Malicious code in bioql PyPI...
EUVD-2022-4842
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-32498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2...
Race Condition
OpenStack is vulnerable to Race Condition. The vulnerability is due to inadequate validation when deleting non-existent access rules, leading to the removal of unrelated existing access rules that lack application credential associations...
[SECURITY] [DLA 3873-1] nova security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3873-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5755-1] glance security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5755-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...
OpenStack 安全漏洞
OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack that stems from allowing remote attackers to execute arbitrary code via the gateway.py component...
CVE-2023-2088
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality...
CVE-2022-47951
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...
Privilege escalation
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges...