7744 matches found
RHEL 6 / 7 : openstack-nova (RHSA-2015:1898)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1898 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing...
RHEL 7 : openstack-packstack and openstack-puppet-modules (RHSA-2015:0789)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0789 advisory. PackStack is a command-line utility for deploying OpenStack on existing servers over an SSH connection. Deployment options are provided either...
RHEL 7 : puppet-swift (RHSA-2017:0200)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:0200 advisory. puppet-swift is the Puppet module used by Red Hat OpenStack Platform director to install OpenStack Object Storage (swift). Security Fixes: An...
RHEL 7 : openstack-keystone (RHSA-2017:1597)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1597 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The...
RHEL 6 : openstack-keystone (RHSA-2014:0113)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0113 advisory. The openstack-keystone packages provide keystone, a Python implementation of the OpenStack Identity service API, which provides Identity, Token,...
RHEL 6 : openstack-glance (RHSA-2014:1685)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1685 advisory. OpenStack Image service (glance) provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or...
RHEL 7 : openstack-manila-ui (RHSA-2016:2116)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:2116 advisory. OpenStack's File Share Service (manila) provides the means to easily provision shared file systems that can be consumed by multiple instances. These...
RHEL 6 : openstack-swift (RHSA-2013:1197)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1197 advisory. OpenStack Swift (http://swift.openstack.org) is a highly available, distributed, eventually consistent object/blob store. A denial of service flaw in...
RHEL 6 : openstack-keystone (RHSA-2014:0089)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0089 advisory. The openstack-keystone packages provide keystone, a Python implementation of the OpenStack Identity service API, which provides Identity, Token,...
RHEL 6 : openstack-keystone (RHSA-2014:0994)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0994 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...
RHEL 7 : Red Hat OpenStack Platform director (RHSA-2017:1242)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1242 advisory. Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud...
RHEL 7 : openstack-heat (RHSA-2017:1450)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1450 advisory. OpenStack Orchestration (heat) is a template-driven engine used to specify and deploy configurations for Compute, Storage, and OpenStack Networking. Th...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.19 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
Virtuozzo Hybrid Infrastructure 6.3 (6.3.0-170)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service and our ecosystem of backup and disaster recovery solutions. Additionally, this release delivers stability and security improvements, and addresses issues found in previous releases...
openstack-ironic: Specially crafted image may allow authenticated users to gain access to potentially sensitive data
A vulnerability was found in OpenStack Ironic. This flaw allows an authenticated user to use a specially crafted image to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.36 security update
Red Hat OpenShift Container Platform release 4.15.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
Man-in-the-middle (MitM)
OpenStack Ironic is vulnerable to Man-in-the-middle (MitM). The vulnerability is due to the lack of checksum validation on the supplied image_source URLs, which allows for the possibility of malicious actors manipulating the image data during the conversion process...
CVE-2024-47211
A flaw was found in OpenStack Ironic. The lack of checksum verification allows an attacker with access to the images to modify an image without the change being noticed by OpenStack. This issue leads to integrity issues in the image. Mitigation: Mitigation for this issue is either not available or the...
GHSA-8H22-6QWX-Q4W9 OpenStack Ironic fails to verify checksums of supplied image_source URLs
In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming...
OpenStack Ironic fails to verify checksums of supplied image_source URLs
In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming...