7813 matches found
Design/Logic Flaw
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
PYSEC-2021-136
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
PYSEC-2021-136
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
UBUNTU-CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
CVE-2021-20267
CVE-2021-20267 affects OpenStack Neutron when using the Open vSwitch driver. The flaw resides in Neutron’s default Open vSwitch firewall rules, allowing an attacker who controls a server instance connected to the virtual switch to impersonate other IPv6 addresses, potentially causing denial of se...
CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...
OpenStack 数据伪造问题漏洞
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace in the United States. Openstack Neutron is vulnerable to a Data Forgery Issue vulnerability that stems from a flaw found in the default Open vSwitch...
RHEL 8 : Red Hat OpenStack Platform 16.1.6 (tripleo-ansible) (RHSA-2021:2119)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:2119 advisory. Ansible project for TripleO. Security Fixes: ansible.log file is visible to unprivileged users CVE-2021-31918 For more details about the security...
RHEL 8 : Red Hat OpenStack Platform 16.1.6 (python-httplib2) (RHSA-2021:2116)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2116 advisory. A comprehensive HTTP client library that supports many features left out of other HTTP libraries. Security Fixes: CRLF injection via an...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.6 (python-httplib2) security update
An update for python-httplib2 is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.6 (tripleo-ansible) security update
An update for tripleo-ansible is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2021-3563
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity...
SUSE SLES12 Security Update : graphviz (SUSE-SU-2021:1646-1)
This update for graphviz fixes the following issues : CVE-2020-18032: Fixed possible remote code execution via buffer overflow bsc1185833. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...
CVE-2021-31918
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality...
Design/Logic Flaw
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality...
CVE-2021-31918
CVE-2021-31918 affects tripleo-ansible as shipped in Red Hat OpenStack Platform 16.1.6. The Ansible log file is readable by unprivileged users during stack update and creation, creating a data confidentiality risk. Red Hat RHSA-2021:2119 documents this issue and provides remediation guidance via ...
PT-2021-19593 · Red Hat · Tripleo-Ansible
Name of the Vulnerable Software and Affected Versions: tripleo-ansible version as shipped in Red Hat Openstack 16.1 Description: A flaw was found in the software, where the Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to...