CVE-2021-4472

CVE-2021-4472 affects the OpenStack Mistral ecosystem, specifically the mistral-dashboard plugin and related python-mistralclient. A local file inclusion (LFI) vulnerability via the Create Workbook feature could disclose arbitrary local file contents. Public advisories confirm this issue across d...

CVE-2021-4472 Python-mistralclient: mistral-dashboard: local file inclusion through the 'create workbook' feature

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

CVE-2021-4472

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

CVE-2021-4472 Python-mistralclient: mistral-dashboard: local file inclusion through the 'create workbook' feature

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

openstack mistral-dashboard 安全漏洞

OpenStack Mistral-Dashboard is an OpenStack open source GUI plugin. A security vulnerability exists in openstack mistral-dashboard, which stems from a local file inclusion vulnerability in the Create Workbook feature that could lead to the disclosure of the contents of arbitrary local files...

PT-2025-48173

Name of the Vulnerable Software and Affected Versions mistral-dashboard plugin for openstack affected versions not specified Description The mistral-dashboard plugin for openstack contains a local file inclusion issue within the 'Create Workbook' feature. This could lead to the disclosure of...

TencentOS Server 4: python-yaql (TSSA-2024:1088)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1088 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: openstack-glance (TSSA-2025:0076)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0076 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: etcd (TSSA-2025:0331)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0331 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: openstack-cinder (TSSA-2025:0077)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0077 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2025-65073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

GHSA-HCQG-5G63-7J9H OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

Access Control Bypass

Overview swift is an OpenStack Object Storage Affected versions of this package are vulnerable to Access Control Bypass via the ec2tokens or s3tokens process when a request with a valid AWS Signature is accepted for authorization. An attacker can gain unauthorized access by submitting specially...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

EUVD-2025-197772

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

CVE-2025-65073

OpenStack Keystone prior to 26.0.1, 27.0.0, or 28.0.0 is vulnerable to requests to /v3/ec2tokens or /v3/s3tokens bearing a valid AWS Signature that can authorize access. The issue (CVE-2025-65073) enables unauthorized access and potential privilege escalation. CVSS v3.1 base score 7.5 (Network, h...

Keystone 安全漏洞

Keystone is a powerful CMS open source for OpenStack. used to help you build and scale faster than any other Cms or application framework. A security vulnerability exists in Keystone versions prior to 26.0.1, 27.0.0, and 28.0.0 that stems from allowing requests with valid AWS signatures to provid...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...

CVE-2025-65073

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization...