CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

Ubuntu 22.04 LTS / 24.04 LTS : OpenStack vulnerability (USN-6989-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6989-1 advisory. Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated...

Debian dla-3871 : cinder-api - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3871 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3871-1 [email protected]...

Debian dla-3870 : python-oslo.utils-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3870 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3870-1 [email protected] https://www.debian.org/lts/security/...

Debian dla-3873 : nova-api - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3873 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3873-1 [email protected]...

[SECURITY] [DLA 3873-1] nova security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3873-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 3871-1] cinder security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3871-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 3870-1] python-oslo.utils new upstream release

------------------------------------------------------------------------- Debian LTS Advisory DLA-3870-1 [email protected] https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS -...

USN-6989-1: OpenStack vulnerability

Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

PT-2024-30939 · Openstack +3 · Openstack Ironic +4

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions prior to 26.0.1 Ironic-python-agent versions prior to 9.13.1 Description: The issue concerns a vulnerability in image processing, where a crafted image could be used by an authenticated user to exploit undesired...

UBUNTU-CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

Sensitive Information Disclosure

openstack-heat is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the stack abandon command with the hidden feature set to True by which an attacker can disclose sensitive information...

CVE-2024-8007

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...

CVE-2024-8007

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...

CVE-2024-8007 Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...

CVE-2024-8007

CVE-2024-8007 affects the Red Hat OpenStack Platform (RHOSP) 17.1.x Director component, specifically the openstack-tripleo-common module used by the director. The vulnerability arises from disabling TLS certificate verification for registry mirrors, which can allow an attacker to deploy potential...

CVE-2024-8007 Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform RHOSP director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a...

[SECURITY] [DSA 5756-1] nova security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5756-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5755-1] glance security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5755-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...