7812 matches found
Moderate: Red Hat Security Advisory: python-django-horizon security update
An update for python-django-horizon is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
OpenStack Security Vulnerabilities
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace in the United States. A security vulnerability exists in OpenStack Manila that stems from the fact that DescriptionUser credentials can be manipulat...
Moderate: Red Hat Security Advisory: python-django-horizon security update
An update for python-django-horizon is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
SUSE SLES12 Security Update : krb5 (SUSE-SU-2020:3379-1)
This update for krb5 fixes the following security issue : CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted...
Open Redirection
openstack horizon is vulnerable to open redirection. A remote attacker is able to redirect a user to a malicious site via the next parameter...
SUSE-SU-2020:3624-1 Security update for crowbar-openstack, grafana, influxdb, python-urllib3
This update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes: Security fixes included in this update: openstack-glance - CVE-2016-8611: Added rate limiting for glance api bnc1005886 grafana - CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch...
CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
DEBIAN-CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
PYSEC-2020-45
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
Design/Logic Flaw
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
PYSEC-2020-45
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
UBUNTU-CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
CVE-2020-29565
An OpenStack Horizon vulnerability (CVE-2020-29565) arises from insufficient validation of the next URL parameter, allowing an attacker to trigger an automatic redirect to a malicious URL. Affected Horizon branches include pre-15.3.2, 16.x pre-16.2.1, 17.x and 18.x pre-18.3.3, as well as 18.4.x a...
CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
OpenStack Horizon Input Validation Error Vulnerability
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace in the United States. A security vulnerability exists in OpenStack Horizon versions 15.3.2,16 before, which stems from a lack of validation of the...
Lxml Cross-Site Scripting Vulnerability
Lxml is a software from the individual developer of Lxml that interacts with Python to locate elements in Html. Lxml suffers from a cross-site scripting vulnerability that arises from javascript escaping via a combination of noscript and style. The following products and versions are affected:...
Selected Red Hat Products Security Vulnerabilities
Red Hat Ceph Storage is a scalable, open software-defined storage platform. Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform. Container Platform is an application platform that enables organizations to develop, deploy and manage existing container-based applications acro...