openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the wwwauthenticateuri parameter which is visible to all end users in configuration files. This would give sensitive...

Moderate: Red Hat Security Advisory: Red Hat OpenStack 16.1.9 (openstack-tripleo-heat-templates) security update

An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.1.9 Train for Red Hat Enterprise Linux RHEL 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (puppet) security update

An update for puppet is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (protobuf) security update

An update for protobuf is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-scciclient) security update

An update for python-scciclient is now available for Red Hat OpenStack Platform 16.2.4 Train director for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

openstack-neutron: unrestricted creation of security groups

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (openstack-neutron) security update

An update for openstack-neutron is now available for Red Hat OpenStack Platform 16.2.4 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-django20) security update

An update for python-django20 is now available for Red Hat OpenStack Platform 16.2.4 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Low: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (rabbitmq-server) security update

An update for rabbitmq-server is now available for Red Hat OpenStack Platform 16.2.4 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

Low: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-django-horizon) security update

An update for python-django-horizon is now available for Red Hat OpenStack Platform 16.2.4 Train on Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-paramiko) security update

An update for python-paramiko is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (numpy) security update

An update for numpy is now available for Red Hat OpenStack Platform 16.2.4 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-XStatic-Angular) security update

An update for python-XStatic-Angular is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Moderate: Red Hat Security Advisory: Red Hat OpenStack 16.2.4 (python-XStatic-Bootstrap-SCSS) security update

An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-ujson) security update

An update for python-ujson is now available for Red Hat OpenStack Platform 16.2.4 Train for Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (erlang) security update

An update for erlang is now available for Red Hat OpenStack Platform 16.2.4 Train on Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SUSE: Security Advisory (SUSE-SU-2022:4335-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-3596

An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials. Mitigation Th...

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. OpenStack suffers from a security vulnerability that stems from allowing an unauthenticated, remote attacker to inspect sensitive data after discovering the IP address of an undercloud, whi...

PT-2022-5772 · Openstack · Openstack Platform

Name of the Vulnerable Software and Affected Versions: OpenStack Platform affected versions not specified Description: The issue is related to an information leak found in OpenStack's undercloud, which allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP...