7796 matches found
CVE-2024-7319
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
DEBIAN-CVE-2024-7319
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
CVE-2024-7319
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
CVE-2024-7319
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
UBUNTU-CVE-2024-7319
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
CVE-2024-7319 Openstack-heat: incomplete fix for cve-2023-1625
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
CVE-2024-7319
CVE-2024-7319 arises from an incomplete fix for CVE-2023-1625 in OpenStack Heat. The vulnerability could allow sensitive information to be disclosed via the OpenStack stack abandon command when the hidden feature remains enabled, even if the CVE-2023-1625 fix is applied. The connected documents c...
CVE-2024-7319 Openstack-heat: incomplete fix for cve-2023-1625
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
CVE-2024-7319
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
PT-2024-38264 · Openstack +1 · Openstack +1
Name of the Vulnerable Software and Affected Versions: OpenStack versions 16.1 through 17.0. Description: A vulnerability in the stack abandon command could expose sensitive information. Recommendations: For versions 16.1 through 17.0, upgrade to version 22.0.2 to maintain data security...
CVE-2024-41961
Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...
CVE-2024-41961 Elektra vulnerable to remote code execution in universal search
Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...
CVE-2024-41961 Elektra vulnerable to remote code execution in universal search
Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...
CVE-2024-41961 Elektra vulnerable to remote code execution in universal search
Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...
Elektra security vulnerability
Elektra is an OpenStack dashboard open-sourced by SAP Converged Cloud that makes OpenStack more accessible to users. A security vulnerability exists in Elektra that stems from a code injection vulnerability that allows an authenticated user to craft search terms containing Ruby code ...
OpenStack Heat information disclosure vulnerability
OpenStack Heat is an OpenStack open source service. Composite cloud applications are orchestrated using a declarative template format via the OpenStack native REST API. A security vulnerability exists in OpenStack Heat that stems from the presence of sensitive information disclosure issues...
SUSE CVE-2024-40767
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...
GHSA-RM86-H44C-2R2M OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...
CVE-2024-40767
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...