155 matches found
RHSA-2020:4391 Red Hat Security Advisory: openstack-cinder security update
Bulletin has no description...
RHSA-2023:1016 Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-cinder) security update
Bulletin has no description...
RHSA-2019:0917 Red Hat Security Advisory: openstack-cinder security and bug fix update
Bulletin has no description...
RHSA-2018:3601 Red Hat Security Advisory: openstack-cinder security and bug fix update
Bulletin has no description...
RHSA-2016:2923 Red Hat Security Advisory: openstack-cinder and openstack-glance security update
Bulletin has no description...
RHSA-2017:0156 Red Hat Security Advisory: openstack-cinder security update
Bulletin has no description...
RHSA-2016:2991 Red Hat Security Advisory: openstack-cinder, openstack-glance, and openstack-nova update
Bulletin has no description...
RHSA-2017:0165 Red Hat Security Advisory: openstack-cinder security update
Bulletin has no description...
RHSA-2017:0153 Red Hat Security Advisory: openstack-cinder security update
Bulletin has no description...
DEBIAN-CVE-2024-32498
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...
UBUNTU-CVE-2024-32498
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...
PT-2024-24616 · Openstack +2 · Openstack Cinder +4
Name of the Vulnerable Software and Affected Versions: OpenStack Cinder versions through 24.0.0 OpenStack Glance versions before 28.0.2 OpenStack Nova versions before 29.0.3 Description: An issue was discovered in OpenStack, allowing arbitrary file access via custom QCOW2 external data. By...
RHEL 9 : Red Hat OpenStack Platform 17.0 (RHSA-2023:3157)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3157 advisory. Security Fixes: EMBARGOED CVE-2023-2088 openstack-cinder: silently access other user's volumes CVE-2023-2088 For more details about the security...
RHEL 7 : Red Hat OpenStack Platform 13.0 (RHSA-2023:3161)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3161 advisory. Security Fixes: EMBARGOED CVE-2023-2088 openstack-cinder: silently access other user's volumes CVE-2023-2088 For more details about the security...
RHEL 8 : Red Hat OpenStack Platform 16.1 (RHSA-2023:3156)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3156 advisory. Security Fixes: EMBARGOED CVE-2023-2088 openstack-cinder: silently access other user's volumes CVE-2023-2088 For more details about the security...
RHEL 7 : openstack-cinder (RHSA-2019:0917)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0917 advisory. OpenStack Block Storage cinder manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical...
RHEL 6 : openstack-cinder (RHSA-2014:1787)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1787 advisory. OpenStack Block Storage cinder manages block storage mounting and the presentation of such mounted block storage to instances. The backend...
RHEL 6 : openstack-cinder (RHSA-2013:1198)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1198 advisory. The openstack-cinder packages provide OpenStack Volume Cinder, which provides services to manage and access block storage volumes for use by...
openstack-cinder: silently access other user's volumes
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality...
Critical: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 security update
An update for openstack-nova is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...