7805 matches found

CVE
added 2019/03/13 2:0 a.m. | 90 views

CVE-2019-9735

CVE-2019-9735 affects the OpenStack Neutron iptables security group driver. In affected releases (OpenStack Neutron before 10.0.8; 11.x before 11.0.7; 12.x before 12.0.6; 13.x before 13.0.3), setting a destination port in a security group rule together with a protocol that doesn’t support that op...

6.5 CVSS | 6.1 AI score | 0.03703 EPSS
Exploits: 1 | References: 10 | Affected Software: 1

Cvelist
added 2019/03/13 2:0 a.m. | 34 views

CVE-2019-9735

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an...

6.2 AI score | 0.03703 EPSS
Exploits: 1 | References: 10

Debian CVE
added 2019/03/13 2:0 a.m. | 24 views

CVE-2019-9735

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an...

6.5 CVSS | 6.7 AI score | 0.03703 EPSS
Exploits: 1

UbuntuCve
added 2019/03/12 12:0 a.m. | 26 views

CVE-2019-9735

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an...

6.5 CVSS | 6.8 AI score | 0.03703 EPSS
Exploits: 1 | References: 3

OSV
added 2019/03/12 12:0 a.m. | 3 views

UBUNTU-CVE-2019-9735

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an...

6.5 CVSS | 6.8 AI score | 0.03703 EPSS
Exploits: 1 | References: 4

RedHat Linux
added 2019/03/05 11:10 a.m. | 87 views

Moderate: Red Hat Security Advisory: vdsm security and bug fix update

An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

9 CVSS | 6.7 AI score | 0.01029 EPSS
Exploits: 0 | References: 3

Fedora
added 2019/02/21 1:39 a.m. | 43 views

[SECURITY] Fedora 28 Update: docker-1.13.1-65.git1185cfd.fc28

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

9.3 CVSS | 2 AI score | 0.9589 EPSS
Exploits: 33

Fedora
added 2019/02/15 2:39 a.m. | 42 views

[SECURITY] Fedora 29 Update: docker-1.13.1-65.git1185cfd.fc29

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

9.3 CVSS | 2 AI score | 0.9589 EPSS
Exploits: 33

Fedora
added 2019/01/31 3:21 a.m. | 35 views

[SECURITY] Fedora 29 Update: docker-latest-1.13.1-40.git1185cfd.fc29

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

4.9 CVSS | 2 AI score | 0.02231 EPSS
Exploits: 0

Fedora
added 2019/01/31 2:12 a.m. | 39 views

[SECURITY] Fedora 28 Update: docker-1.13.1-63.git1185cfd.fc28

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

6.3 CVSS | 2 AI score | 0.02231 EPSS
Exploits: 0

IBM Security Bulletins
added 2019/01/17 6:50 p.m. | 20 views

Security Bulletin: PowerVC is affected by an Openstack Keystone vulnerability that could allow a remote authenticated attacker to discover restricted projects (CVE-2018-14432)

Summary: PowerVC has addressed the following vulnerability. An authenticated "GET /v3/OS-FEDERATION/projects" request to the identity API may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects ...

5.3 CVSS | 0.7 AI score | 0.01618 EPSS
Exploits: 0 | Affected Software: 1

Veracode
added 2019/01/15 9:27 a.m. | 19 views

Information Disclosure

openstack-cinder is vulnerable to information disclosure. Because data is retained after deletion of a ScaleIO volume, newly created volumes in certain storage volume configurations contain data from the previous volume. This leads to confidential information leakage between tenants...

7.5 CVSS | 7 AI score | 0.01244 EPSS
Exploits: 0 | References: 14 | Affected Software: 1

Veracode
added 2019/01/15 9:25 a.m. | 14 views

Information Disclosure

openstack-keystone is vulnerable to information disclosure. An authorization bypass on listing projects via an authenticated GET /v3/OS-FEDERATION/projects request allows authenticated users to discover projects they have no authority to access, disclosing the project and attributes informati...

5.3 CVSS | 5 AI score | 0.01618 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

Veracode
added 2019/01/15 9:24 a.m. | 23 views

Denial Of Service (DoS)

openstack-nova is vulnerable to denial of service. Swapping encrypted volumes can allow an attacker to corrupt the LUKS header on the compute host, causing a denial of service condition...

7.5 CVSS | 7.1 AI score | 0.03893 EPSS
Exploits: 1 | References: 26 | Affected Software: 1

Veracode
added 2019/01/15 9:21 a.m. | 26 views

World Readable Data

tripleo-heat-templates contains a world readable data vulnerability. The library does not set the proper permissions during the creation of the ceph.client.openstack.keyring, allowing a local user to access the keyring to read or modify data. This vulnerability only affects setups with openstack...

6.3 CVSS | 6.1 AI score | 0.00285 EPSS
Exploits: 0 | References: 30 | Affected Software: 2

Veracode
added 2019/01/15 9:20 a.m. | 17 views

Authorization Bypass

openstack-nova is vulnerable to authorization bypass attacks. When rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using No...

6.5 CVSS | 6.4 AI score | 0.0141 EPSS
Exploits: 0 | References: 14 | Affected Software: 2

Veracode
added 2019/01/15 9:18 a.m. | 16 views

Information Disclosure

openstack-neutron is vulnerable to information disclosure attacks. A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron...

5.9 CVSS | 5.4 AI score | 0.01847 EPSS
Exploits: 0 | References: 11 | Affected Software: 1

Veracode
added 2019/01/15 9:18 a.m. | 23 views

Information Disclosure

openstack-mistral is vulnerable to information disclosure attacks. An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access...

5.9 CVSS | 5 AI score | 0.00372 EPSS
Exploits: 0 | References: 6 | Affected Software: 1

Veracode
added 2019/01/15 9:17 a.m. | 16 views

Authorization Bypass

openstack-keystone is vulnerable to authorization bypass attacks. An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and...

7.2 CVSS | 6.6 AI score | 0.02106 EPSS
Exploits: 1 | References: 11 | Affected Software: 2

Veracode
added 2019/01/15 9:17 a.m. | 20 views

Cross-site Scripting (XSS)

python-django-horizon is vulnerable to cross-site scripting (XSS) attacks. OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping...

4.8 CVSS | 5 AI score | 0.01054 EPSS
Exploits: 0 | References: 9 | Affected Software: 1