CVE-2021-3654
The CVE-2021-3654 issue affects openstack-nova’s console proxy, noVNC, where crafting a malicious URL can trigger an open redirect to an attacker-controlled site. This could enable users to be redirected to a malicious page, potentially exposing sensitive information or enabling further actions. ...
CVE-2021-3654
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...
PT-2022-10519
Name of the Vulnerable Software and Affected Versions: openstack-nova affected versions not specified Description: A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. This issue is also related to...
CVE-2021-3654
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...
SUSE: Security Advisory (SUSE-SU-2022:0542-1)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)
Python-Oslo-Utils Log Information Disclosure Vulnerability
Python-Oslo-Utils is a library from the OpenStack community. It is used to provide support for common utility type functions such as encoding, exception handling, string manipulation and time handling. A security vulnerability exists in Python-Oslo-Utils. No information about this vulnerability i...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2022-1061)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.6.6 : cups (EulerOS-SA-2022-1115)
According to the versions of the cups packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update...
SUSE: Security Advisory (SUSE-SU-2022:0359-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2022:0358-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2022:0271-1)
The remote host is missing an update for the...
CVE-2022-23451
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data,...
CVE-2022-23452
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service...
UBUNTU-CVE-2022-23452
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service...
UBUNTU-CVE-2022-23451
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data,...
PT-2022-15998
Name of the Vulnerable Software and Affected Versions: openstack-barbican affected versions not specified Description: An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the...
RHEL 8 : Red Hat OpenStack Platform 16.1 (etcd) (RHSA-2022:0260)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0260 advisory. A highly-available key value store for shared configuration. Security Fixes: net/http: limit growth of header canonicalization cache...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2022:0237)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0237 advisory. A highly-available key value store for shared configuration. Security Fixes: net/http: limit growth of header canonicalization cache...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...