7743 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy serve...
Linux Distros Unpatched Vulnerability : CVE-2021-4180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this...
Linux Distros Unpatched Vulnerability : CVE-2022-3261
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a...
Linux Distros Unpatched Vulnerability : CVE-2015-5303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TripleO Heat templates tripleo-heat-templates, when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata...
Linux Distros Unpatched Vulnerability : CVE-2021-3585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager. CVE-2021-35...
Linux Distros Unpatched Vulnerability : CVE-2015-2687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions...
Linux Distros Unpatched Vulnerability : CVE-2022-4134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual...
Linux Distros Unpatched Vulnerability : CVE-2025-44021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious...
Linux Distros Unpatched Vulnerability : CVE-2024-7319
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command wit...
Linux Distros Unpatched Vulnerability : CVE-2022-38065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality with...
Linux Distros Unpatched Vulnerability : CVE-2024-40767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing...
Linux Distros Unpatched Vulnerability : CVE-2019-15753
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet floodin...
Linux Distros Unpatched Vulnerability : CVE-2022-3277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an...
Linux Distros Unpatched Vulnerability : CVE-2021-38155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account...
Linux Distros Unpatched Vulnerability : CVE-2021-38598
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a...
Linux Distros Unpatched Vulnerability : CVE-2021-40797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involvin...
Linux Distros Unpatched Vulnerability : CVE-2024-32498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2...
Linux Distros Unpatched Vulnerability : CVE-2021-20267
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance...
Linux Distros Unpatched Vulnerability : CVE-2018-14636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the...
Linux Distros Unpatched Vulnerability : CVE-2017-8761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures ...