153 matches found
GHSA-QCJ3-H27M-MP9X Openstack Octavia allows Insertion of Sensitive Information into Log File
In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...
Openstack Octavia allows Insertion of Sensitive Information into Log File
In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...
RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:1646)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1646 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail...
RHEL 7 : Red Hat OpenStack Platform 13.0 (python-waitress) (RHSA-2022:1264)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1264 advisory. Pure-python WSGI server Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' CVE-2022-24761 For more details about t...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-waitress) security update
An update for python-waitress is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : Red Hat OpenStack Platform 16.1 (golang-qpid-apache) (RHSA-2022:0989)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:0989 advisory. Golang binding library for qpid-proton Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet...
RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:0982)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0982 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat...
RHEL 8 : Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) (RHSA-2022:0988)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0988 advisory. Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 golang:...
RHEL 8 : Red Hat OpenStack Platform 16.1 (openstack-neutron) (RHSA-2022:0990)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0990 advisory. OpenStack Networking neutron is a virtual network service for OpenStack. Just as OpenStack Compute nova provides an API to dynamically request and...
RHEL 8 : Red Hat OpenStack Platform 16.1 (numpy) (RHSA-2022:0987)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0987 advisory. A fast multidimensional array facility for Python Security Fixes: buffer overflow in the PyArrayNewFromDescrint in ctors.c CVE-2021-33430...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (numpy) security update
An update for numpy is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
RHEL 8 : Red Hat OpenStack Platform 16.2 (python-oslo-utils) (RHSA-2022:0993)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0993 advisory. The OpenStack Oslo Utility library. Security Fixes: incorrect password masking in debug output CVE-2022-0718 For more details about the security...
RHEL 8 : Red Hat OpenStack Platform 16.2 (python-twisted) (RHSA-2022:0992)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0992 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat...
RHEL 8 : Red Hat OpenStack Platform 16.2 (openstack-tripleo-heat-templates) (RHSA-2022:0995)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:0995 advisory. Heat templates for TripleO Security Fixes: Data leak of internal URL through keystoneauthtoken CVE-2021-4180 For more details about the security...
RHEL 8 : Red Hat OpenStack Platform 16.1 (etcd) (RHSA-2022:0260)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0260 advisory. A highly-available key value store for shared configuration Security Fixes: net/http: limit growth of header canonicalization cache...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
RHEL 8 : Red Hat OpenStack Platform 16.1 (etcd) (RHSA-2021:5072)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:5072 advisory. A highly-available key value store for shared configuration Security Fixes: net/http: panic in ReadRequest and ReadResponse when reading a...
RHEL 8 : Red Hat OpenStack Platform 16.1 (python-django20) (RHSA-2021:5070)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5070 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 potential directory-traversal via uploaded files...
RHEL 7 : Red Hat OpenStack Platform 13.0 (redis) (RHSA-2021:3980)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3980 advisory. Redis is an advanced key-value store. Security Fixes: Lua scripts can overflow the heap-based Lua stack CVE-2021-32626 Integer overflow issu...