
7820 matches found

OpenVAS
added 2022/10/05 12:0 a.m. · 26 views

SUSE: Security Advisory (SUSE-SU-2022:3499-1)

The remote host is missing an update for the...

7.5 CVSS · 7.2 AI score · 0.02198 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2022/10/03 12:0 a.m. · 44 views

RHEL 7 / 8 / 9 : Red Hat OpenStack Platform (openstack-barbican) (RHSA-2022:6750)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6750 advisory. Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Security...

5.9 CVSS · 6.4 AI score · 0.00433 EPSS
Exploits 0 · References 4
RedHat Linux
added 2022/09/29 12:42 p.m. · 30 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform (openstack-barbican) security update

An update for openstack-barbican is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.9 CVSS · 6.5 AI score · 0.00433 EPSS
Exploits 0 · References 2
RedHat Linux
added 2022/09/29 12:42 p.m. · 3 views

openstack-barbican: access policy bypass via query string injection

A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API...

5.9 CVSS · 5.7 AI score · 0.00433 EPSS
Exploits 0 · References 4
UbuntuCve
added 2022/09/29 12:0 a.m. · 37 views

CVE-2022-3100

A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API...

5.9 CVSS · 6.5 AI score · 0.00433 EPSS
Exploits 0 · References 2
Positive Technologies
added 2022/09/29 12:0 a.m. · 3 views

PT-2022-20446 · Openstack +2 · Openstack-Barbican +2

Name of the Vulnerable Software and Affected Versions: openstack-barbican affected versions not specified Description: A flaw was found in the openstack-barbican component, allowing an access policy bypass via a query string when accessing the API. Recommendations: At the moment, there is no...

8.8 CVSS · 7 AI score · 0.92984 EPSS
Exploits 12 · References 27
OSV
added 2022/09/29 12:0 a.m. · 1 views

UBUNTU-CVE-2022-3100

A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API...

5.9 CVSS · 6.5 AI score · 0.00433 EPSS
Exploits 0 · References 3
RedhatCVE
added 2022/09/28 5:18 p.m. · 46 views

CVE-2022-3100

A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API...

7.1 CVSS · 5 AI score · 0.00433 EPSS
Exploits 0 · References 3
CNNVD
added 2022/09/28 12:0 a.m. · 3 views

OpenStack barbican security vulnerability

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. barbican is an OpenStack key management service, API server. A security vulnerability exists in OpenStack barbican that stems from an issue in the component that allows access policies to b...

5.9 CVSS · 6.2 AI score · 0.00433 EPSS
Exploits 0 · References 8
RedhatCVE
added 2022/09/22 8:48 p.m. · 28 views

CVE-2022-3277

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

4.3 CVSS · 6.4 AI score · 0.01056 EPSS
Exploits 0 · References 4
OSV
added 2022/09/22 2:15 p.m. · 7 views

SUSE-SU-2022:3338-1 Security update for ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma

This update for ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma fixes the following issues: Security updates included on this update: ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates,...

9.8 CVSS · 9.5 AI score · 0.99888 EPSS
Exploits 8 · References 14
Tenable Nessus
added 2022/09/15 12:0 a.m. · 42 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (openstack-neutron) (RHSA-2021:3481)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3481 advisory. Neutron is a virtual network service for Openstack, and a part of Netstack. Just like OpenStack Nova provides an API to dynamically request and...

6.5 CVSS · 7.1 AI score · 0.0189 EPSS
Exploits 1 · References 4
Tenable Nessus
added 2022/09/15 12:0 a.m. · 53 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2021:3487)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3487 advisory. A highly-available key value store for shared configuration Security Fixes: net/http: panic in ReadRequest and ReadResponse when reading a...

7.5 CVSS · 7.2 AI score · 0.03692 EPSS
Exploits 3 · References 11
OpenVAS
added 2022/09/15 12:0 a.m. · 16 views

SUSE: Security Advisory (SUSE-SU-2022:3269-1)

The remote host is missing an update for the...

8 CVSS · 7.4 AI score · 0.0152 EPSS
Exploits 0 · References 8
Tenable Nessus
added 2022/09/15 12:0 a.m. · 39 views

RHEL 7 : Red Hat OpenStack Platform 13.0 (openstack-neutron) (RHSA-2021:3503)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3503 advisory. Neutron is a virtual network service for OpenStack. Just like OpenStack Nova provides an API to dynamically request and configure virtual servers,...

6.5 CVSS · 7.1 AI score · 0.0189 EPSS
Exploits 1 · References 4
Tenable Nessus
added 2022/09/15 12:0 a.m. · 22 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (openstack-neutron) (RHSA-2021:3488)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3488 advisory. Neutron is a virtual network service for OpenStack. Just like OpenStack Nova provides an API to dynamically request and configure virtual servers,...

6.5 CVSS · 7.1 AI score · 0.0189 EPSS
Exploits 1 · References 9
Tenable Nessus
added 2022/09/15 12:0 a.m. · 45 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-django20) (RHSA-2021:3490)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3490 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 Potential directory traversal via admindocs CVE-2021-33203...

7.5 CVSS · 6.7 AI score · 0.07605 EPSS
Exploits 1 · References 10
Tenable Nessus
added 2022/09/15 12:0 a.m. · 29 views

RHEL 7 : Red Hat OpenStack Platform 10.0 (openstack-neutron) (RHSA-2021:3502)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3502 advisory. Neutron is a virtual network service for OpenStack. Just like OpenStack Nova provides an API to dynamically request and configure virtual servers,...

6.5 CVSS · 7.1 AI score · 0.0189 EPSS
Exploits 1 · References 4
Debian
added 2022/09/13 1:20 p.m. · 26 views

[SECURITY] [DLA 3106-1] python-oslo.utils security update

Debian LTS Advisory DLA-3106-1 https://www.debian.org/lts/security/ Chris Lamb September 13, 2022 https://wiki.debian.org/LTS ...

4.9 CVSS · 5.2 AI score · 0.01287 EPSS
Exploits 1
RedhatCVE
added 2022/09/09 5:42 p.m. · 41 views

CVE-2022-3101

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of...

7.3 CVSS · 2.2 AI score · 0.00201 EPSS
Exploits 0 · References 3