Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/06/24 3:19 p.m.5 views

CVE-2026-44393

A flaw was found in OpenStack oslo.messaging. The RabbitMQ driver does not properly verify the hostname of the message broker when establishing a TLS Transport Layer Security connection. An attacker capable of intercepting control-plane network traffic can exploit this vulnerability to impersonat...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.13 views

Debian dsa-6341 : ironic-api - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6341 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6341-1 [email protected]...

8.1CVSS6.7AI score0.00601EPSS
Exploits1References17
SUSE CVE
SUSE CVE
added 2026/06/06 2:46 a.m.7 views

SUSE CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS5.4AI score0.0016EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 4:16 p.m.11 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS0.0016EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.36 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

0.0016EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.6 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.8 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

5.8AI score0.0016EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 12:0 a.m.12 views

EUVD-2026-34294

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 12:0 a.m.28 views

CVE-2026-44393

Summary: OpenStack oslo.messaging (RabbitMQ driver) versions 1.0.0–17.3.0 fail TLS hostname verification when connecting to the broker. The driver validates certificate chains when ssl_ca_file is configured but does not pass the broker hostname into the TLS stack, allowing any certificate signed ...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46260

Name of the Vulnerable Software and Affected Versions oslo.messaging versions 1.0.0 through 17.3.0 Description The RabbitMQ driver in oslo.messaging fails to perform TLS hostname verification when connecting to the message broker. While the driver enables certificate chain validation when ssl ca...

7.4CVSS5.5AI score0.0016EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-44393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when...

7.4CVSS5.9AI score0.0016EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/04 12:0 a.m.8 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS5.8AI score0.0016EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

OpenStack oslo.messaging 安全漏洞

OpenStack oslo.messaging is an open-source messaging library for OpenStack. There are security vulnerabilities in the version of OpenStack oslo.messaging from 1.0.0 to 17.3.0. These vulnerabilities stem from the fact that the RabbitMQ driver does not perform TLS hostname verification. Any...

7.4CVSS5.3AI score0.0016EPSS
Exploits0References2
Rows per page
Query Builder