Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (openstack-nova) security update

An update for openstack-nova is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : Red Hat OpenStack Platform 16.1.9 (openstack-nova) (RHSA-2024:5113)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5113 advisory. OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines,creating a redundant and...

openstack-nova: Regression VMDK/qcow arbitrary file access

An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.6 security update

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 16.2 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Important. Red Hat OpenStack Platform provides the facilities for building,...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.3 security update

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 17.1 Wallaby for Red Hat Enterprise Linux RHEL 9.2. Red Hat Product Security has rated this update as having a security impact of Important. Red Hat OpenStack Platform provides the facilities for buildin...

openstack-nova: Regression VMDK/qcow arbitrary file access

An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.3 security update

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 17.1 Wallaby for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Important. Red Hat OpenStack Platform provides the facilities for buildin...

openstack-nova: Regression VMDK/qcow arbitrary file access

An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...

RHEL 8 : Red Hat OpenStack Platform 16.2.6 (RHSA-2024:5097)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5097 advisory. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud...

RHEL 9 : Red Hat OpenStack Platform 17.1.3 (RHSA-2024:5083)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5083 advisory. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud...

GHSA-2FQR-CX7Q-3PH8 openstack-heat may disclose sensitive information

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

openstack-heat may disclose sensitive information

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

DEBIAN-CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

UBUNTU-CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319 Openstack-heat: incomplete fix for cve-2023-1625

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...

CVE-2024-7319 Openstack-heat: incomplete fix for cve-2023-1625

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...