Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.10 views

CVE-2026-49299

A flaw was found in OpenStack Neutron. The tagging controller incorrectly enforces plural policy action names for single-tag write operations, while the defined policy rules use singular names. This mismatch allows a project reader to bypass intended policy restrictions, enabling them to create a...

5.3CVSS5.7AI score0.00295EPSS
Exploits0References6
OSV
OSV
added 2026/05/29 12:38 a.m.2 views

GHSA-XV24-HXH9-2HH9 OpenStack Neutron has an Incorrect Authorization issue

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References6
NVD
NVD
added 2026/05/28 10:17 p.m.11 views

CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS0.00295EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 10:17 p.m.6 views

DEBIAN-CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 10:17 p.m.11 views

UBUNTU-CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/28 9:53 p.m.31 views

CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS0.00295EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 9:53 p.m.4 views

CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS6AI score0.00295EPSS
Exploits0References7
CVE
CVE
added 2026/05/28 9:53 p.m.31 views

CVE-2026-49299

OpenStack Neutron prior to 28.0.1 is affected: the tagging controller enforces plural policy action names on single-tag write operations while policy rules use singular names, causing the mismatch to evaluate as allowed under the default policy. This permits a project reader to create and update ...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44555

Name of the Vulnerable Software and Affected Versions OpenStack Neutron versions 26.0.0 through 28.0.0 Description The tagging controller enforces plural policy action names on single-tag write operations, whereas the defined policy rules use singular names. This mismatch causes the default polic...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2020/08/29 12:0 a.m.7 views

PT-2020-5503 · Mpxj · Mpxj

Name of the Vulnerable Software and Affected Versions: MPXJ versions 8.1.3 and earlier Description: The issue is related to the incorrect restriction of XML external entity references in the GanttProjectReader and PhoenixReader components of the MPXJ library. This can allow a remote attacker to...

9.8CVSS9.2AI score0.02591EPSS
Exploits0References9
Rows per page
Query Builder