PT-2026-3233

Name of the Vulnerable Software and Affected Versions OpenStack affected versions not specified Description An issue exists in OpenStack’s keystonemiddleware component that could allow for privilege escalation or impersonation. An authenticated attacker may be able to elevate their privileges or...

YAOOK Operator 安全漏洞

YAOOK Operator is an automated control component for deploying and managing OpenStack cloud services from YAOOK Germany. A security vulnerability exists in YAOOK Operator, which stems from improperly configured replication security and could lead to the disclosure of database contents...

Authentication Bypass

OpenStack Keystone is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of AWS Signature-based requests in token endpoints, which allows an attacker to gain unauthorized Keystone access using crafted requests...

Ubuntu 22.04 LTS : OpenStack Keystone vulnerabilities (USN-7926-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7926-1 advisory. Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens and s3tokens APIs. A remote attacker could possibly use this issue to obtain...

RHSA-2025:22969 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (libwebsockets) security update

Bulletin has no description...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (libwebsockets) security update

An update for libwebsockets is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.12 director Operator container images

Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1.12 Wallaby for RHEL 9.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

[SECURITY] Fedora 41 Update: restic-0.18.1-1.fc41

Fast, secure, efficient backup program. restic supports the following backends for storing backups natively: Local directory sftp server via SSH HTTP REST server protocol, rest-server Amazon S3 either from Amazon or using the Minio server OpenStack Swift BackBlaze B2 Microsoft Azure Blob Storage...

[SECURITY] Fedora 42 Update: restic-0.18.1-1.fc42

Fast, secure, efficient backup program. restic supports the following backends for storing backups natively: Local directory sftp server via SSH HTTP REST server protocol, rest-server Amazon S3 either from Amazon or using the Minio server OpenStack Swift BackBlaze B2 Microsoft Azure Blob Storage...

[SECURITY] Fedora 43 Update: restic-0.18.1-1.fc43

Fast, secure, efficient backup program. restic supports the following backends for storing backups natively: Local directory sftp server via SSH HTTP REST server protocol, rest-server Amazon S3 either from Amazon or using the Minio server OpenStack Swift BackBlaze B2 Microsoft Azure Blob Storage...

Debian dla-4391 : python3-mistralclient - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4391 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4391-1 [email protected] https://www.debian.org/lts/security/...

Linux Distros Unpatched Vulnerability : CVE-2021-4472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of...

SUSE CVE-2021-4472

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

EUVD-2021-34723

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

OpenStack's Mistral Client has a local file inclusion vulnerability

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

CVE-2025-65073

A flaw was found in OpenStack Keystone. This vulnerability allows an attacker to obtain a valid OpenStack's Keystone token, leading to access to unauthorized resources or privilege escalation within the OpenStack instance via sending a valid AWS Amazon Web Services signature to the /v3/ec2tokens ...

CVE-2021-4472

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

DEBIAN-CVE-2021-4472

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

UBUNTU-CVE-2021-4472

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

CVE-2021-4472

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the...