Linux Distros Unpatched Vulnerability : CVE-2017-8761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures ...

Linux Distros Unpatched Vulnerability : CVE-2016-4383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause...

Linux Distros Unpatched Vulnerability : CVE-2013-4354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the...

Linux Distros Unpatched Vulnerability : CVE-2018-20170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST...

Linux Distros Unpatched Vulnerability : CVE-2018-14635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address...

Linux Distros Unpatched Vulnerability : CVE-2017-16239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the...

Linux Distros Unpatched Vulnerability : CVE-2017-12155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local...

Linux Distros Unpatched Vulnerability : CVE-2020-10755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before...

Linux Distros Unpatched Vulnerability : CVE-2016-6519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Shares overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script ...

Linux Distros Unpatched Vulnerability : CVE-2018-10898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in...

Linux Distros Unpatched Vulnerability : CVE-2022-47951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before...

Linux Distros Unpatched Vulnerability : CVE-2019-10141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in...

Linux Distros Unpatched Vulnerability : CVE-2022-3100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. CVE-2022-3100 Note th...

Linux Distros Unpatched Vulnerability : CVE-2022-47950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the...

Linux Distros Unpatched Vulnerability : CVE-2020-12692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can...

Linux Distros Unpatched Vulnerability : CVE-2017-12440

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs...

Linux Distros Unpatched Vulnerability : CVE-2020-12690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when a...

Linux Distros Unpatched Vulnerability : CVE-2017-2622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system...

Linux Distros Unpatched Vulnerability : CVE-2021-40085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a...

Linux Distros Unpatched Vulnerability : CVE-2020-12691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that...