USN-6293-1: OpenStack Heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

USN-6293-1 heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

Moderate: Red Hat Security Advisory: Release of containers for Red Hat OpenStack Platform 17.1 director Operator

Red Hat OpenStack Platform 17.1 Wallaby director Operator containers are now available. Release of Red Hat OpenStack Platform 17.1 Wallaby director Operator containers provides these changes: Security Fixes: github.com/Masterminds/vcs: Command Injection via argument injection CVE-2022-21235 For...

Ubuntu 22.04 LTS : OpenStack Heat vulnerability (USN-6293-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6293-1 advisory. It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain...

Keystone 安全漏洞

Keystone is a powerful OpenStack open source CMS designed to help you build and scale faster than any other Cms or application framework. Keystone has a security vulnerability that stems from adminMeta GraphQL queries being publicly accessible when ui.isAccessAllowed is set to undefined...

SUSE: Security Advisory (SUSE-SU-2023:3232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:3174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:3030-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2022-38060

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...

openstack-neutron: unrestricted creation of security groups (fix for CVE-2022-3277)

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-neutron) security update

An update for openstack-neutron is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Ubuntu: Security Advisory (USN-6245-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-R3JH-QHGJ-GVR8 Denial of service in neutron

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

Denial of service in neutron

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

USN-6245-1: Trove vulnerabilities

Adam Bell discovered that Trove incorrectly handled arguments to the backup command. A remote attacker could possibly use this issue to execute arbitrary code...

USN-6245-1 openstack-trove vulnerabilities

Adam Bell discovered that Trove incorrectly handled arguments to the backup command. A remote attacker could possibly use this issue to execute arbitrary code...

CVE-2023-3637

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

CVE-2023-3637

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

CVE-2023-3637

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

Code injection

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...