
7754 matches found

RedHat Linux
added 2024/04/22 1:4 a.m. · 27 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-yaql and openstack-tripleo-heat-templates) security update

An update for python-yaql and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 17.1 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

CVSS 6.5 · AI score 6.9 · EPSS 0.0023
Exploits: 0 · References: 2

Positive Technologies
added 2024/04/22 12:0 a.m. · 3 views

PT-2024-22537 · Openstack · Openstack Storlets

Name of the Vulnerable Software and Affected Versions: OpenStack Storlets version yoga-eom Description: The issue allows a remote attacker to execute arbitrary code via the gateway.py component. Recommendations: For OpenStack Storlets version yoga-eom, at the moment, there is no information about...

CVSS 7.8 · AI score 8 · EPSS 0.03014
Exploits: 0 · References: 6

Tenable Nessus
added 2024/04/22 12:0 a.m. · 16 views

RHEL 8 : Red Hat OpenStack Platform 17.1 (openstack-tripleo-heat-templates and python-yaql) (RHSA-2024:1930)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1930 advisory. Heat templates for TripleO. YAQL library has an out-of-the-box large set of commonly used functions. Security Fixes: OpenStack Murano Component...

CVSS 6.5 · AI score 7.1 · EPSS 0.0023
Exploits: 0 · References: 4

CNNVD
added 2024/04/22 12:0 a.m. · 2 views

OpenStack Storlets security vulnerability

OpenStack Storlets is an open source OpenStack Swift extension from OpenStack. A security vulnerability exists in OpenStack Storlets. A remote attacker can exploit this vulnerability to execute arbitrary code via the gateway.py component...

CVSS 4.9 · AI score 7.8 · EPSS 0.03014
Exploits: 0 · References: 3

Vulnrichment
added 2024/04/22 12:0 a.m. · 15 views

CVE-2024-28717

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

AI score 7.8 · EPSS 0.03014
Exploits: 0 · References: 2

Cvelist
added 2024/04/22 12:0 a.m. · 16 views

CVE-2024-28717

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component...

AI score 7.8 · EPSS 0.03014
Exploits: 0 · References: 2

CVE
added 2024/04/22 12:0 a.m. · 60 views

CVE-2024-28717

CVE-2024-28717 affects OpenStack Storlets (yoga-eom) with a remote code execution risk through the gateway.py component. The connected documents consistently describe arbitrary code execution via gateway.py, but do not provide concrete vendor/version details beyond OpenStack Storlets yoga-eom, no...

CVSS 4.9 · AI score 7.8 · EPSS 0.03014
Exploits: 0 · References: 2

Tenable Nessus
added 2024/04/21 12:0 a.m. · 32 views

RHEL 6 : openstack-keystone (RHSA-2013:1285)

The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1285 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token,...

CVSS 5 · AI score 5.5 · EPSS 0.008
Exploits: 0 · References: 5

Tenable Nessus
added 2024/04/21 12:0 a.m. · 26 views

RHEL 6 : openstack-cinder (RHSA-2013:1198)

The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1198 advisory. The openstack-cinder packages provide OpenStack Volume (Cinder), which provides services to manage and access block storage volumes for use by...

CVSS 5 · AI score 8.3 · EPSS 0.03938
Exploits: 2 · References: 9

Tenable Nessus
added 2024/04/21 12:0 a.m. · 28 views

RHEL 6 : openstack-keystone (RHSA-2013:0994)

The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0994 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token,...

CVSS 4.3 · AI score 5.5 · EPSS 0.00212
Exploits: 0 · References: 4

RedhatCVE
added 2024/04/18 2:54 a.m. · 28 views

CVE-2024-31463

A vulnerability was found in Ironic-image. This issue occurs when setting IRONIC_REVERSE_PROXY_SETUP to 'true', which may allow unauthenticated local access to the Ironic API private port without authentication. Mitigation: Below are two mitigations for this vulnerability: 1. Switch to using unix...

CVSS 4.7 · AI score 4.7 · EPSS 0.00038
Exploits: 0 · References: 4

NVD
added 2024/04/17 4:15 p.m. · 11 views

CVE-2024-31463

Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the IRONIC_REVERSE_PROXY_SETUP variable set to true, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2)...

CVSS 4.7 · AI score 4.5 · EPSS 0.00038
Exploits: 0 · References: 3

CVE
added 2024/04/17 3:21 p.m. · 103 views

CVE-2024-31463

The CVE-2024-31463 entry concerns Ironic-image in reverse proxy mode. When IRONIC_REVERSE_PROXY_SETUP is true, HTTP basic creds are validated in the HTTPD container and Ironic listens on a private port (6388) on localhost, enabling unauthenticated access to the Ironic API for pods/local users on ...

CVSS 4.7 · AI score 4.4 · EPSS 0.00038
Exploits: 0 · References: 3

Vulnrichment
added 2024/04/17 3:21 p.m. · 13 views

CVE-2024-31463 Ironic-image allows unauthenticated local access to Ironic API

Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the IRONIC_REVERSE_PROXY_SETUP variable set to true, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2)...

CVSS 4.7 · AI score 6.4 · EPSS 0.00038
Exploits: 0 · References: 3

Cvelist
added 2024/04/17 3:21 p.m. · 14 views

CVE-2024-31463 Ironic-image allows unauthenticated local access to Ironic API

Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the IRONIC_REVERSE_PROXY_SETUP variable set to true, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2)...

CVSS 4.7 · AI score 4.8 · EPSS 0.00038
Exploits: 0 · References: 3

OSV
added 2024/04/17 3:21 p.m. · 31 views

CVE-2024-31463 Ironic-image allows unauthenticated local access to Ironic API

Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the IRONIC_REVERSE_PROXY_SETUP variable set to true, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2)...

CVSS 4.7 · AI score 4.7 · EPSS 0.00038
Exploits: 0 · References: 5

SUSE CVE
added 2024/04/15 11:12 p.m. · 10 views

SUSE CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

CVSS 9.8 · AI score 8 · EPSS 0.01183
Exploits: 1 · References: 3

GitHub Security Blog
added 2024/04/12 3:37 p.m. · 14 views

OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

CVSS 9.8 · AI score 7.9 · EPSS 0.01183
Exploits: 1 · References: 9 · Affected Software: 1

OSV
added 2024/04/12 3:37 p.m. · 7 views

GHSA-JX7X-9R98-H5XR OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

CVSS 6.3 · AI score 9.7 · EPSS 0.01183
Exploits: 1 · References: 9

OSV
added 2024/04/12 1:15 p.m. · 1 views

CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

CVSS 9.8 · AI score 7.6 · EPSS 0.01183
Exploits: 1 · References: 3