2 matches found
CVE-2019-3895
CVE-2019-3895 describes an access-control flaw in the OpenStack Octavia service when deployed with Red Hat OpenStack Platform Director. The issue lets an attacker cause new amphorae to run from an arbitrary image; a remote attacker could upload a compromised amphora image and Octavia could spawn ...
CVE-2018-16856
CVE-2018-16856 affects the OpenStack Load Balancing service (openstack-octavia) in Red Hat OpenStack Platform Director installations. In affected builds, openstack-octavia before versions 2.0.2-5 and 3.0.1-0.20181009115732 creates log files readable by all users, allowing sensitive data such as p...