ROS-20260129-73-0001
Vulnerability in openstack-barbican related to authentication bypass due to an initial bug. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...
ROS-20260129-73-0002
Vulnerability in openstack-barbican related to lack of protection of proprietary data. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260129-73-0003
Vulnerability in openstack-barbican related to insufficient spatial partitioning. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
EUVD-2023-2449
Malicious code in bioql PyPI...
EUVD-2022-6888
Malicious code in bioql PyPI...
EUVD-2022-42529
Malicious code in bioql PyPI...
EUVD-2022-6721
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. CVE-2022-3100 Note th...
Linux Distros Unpatched Vulnerability : CVE-2022-23452
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an...
Linux Distros Unpatched Vulnerability : CVE-2022-23451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or...
RHSA-2023:6231 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-barbican) security update
Bulletin has no description...
RHEL 8 : Red Hat OpenStack Platform 16.2 (openstack-barbican) (RHSA-2023:6231)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6231 advisory. Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Security Fixes:...
openstack-barbican: Insecure Barbican configuration file leaking credential
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...
GHSA-6QQP-4VM3-359V OpenStack Barbican credential leak flaw
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...
CVE-2023-1633
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...
CVE-2023-1636
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is...
CVE-2023-1633 Insecure barbican configuration file leaking credential
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...