Lucene search
K
RedhatOpenstack For Ibm Power

5 matches found

CVE
CVE
added 2020/08/07 3:24 p.m.3195 views

CVE-2020-9490

CVE-2020-9490 affects Apache HTTP Server versions 2.4.20–2.4.43. A specially crafted value for the Cache-Digest header in an HTTP/2 request could cause a crash when the server subsequently attempts to HTTP/2 PUSH a resource. Mitigation for unpatched servers is to disable HTTP/2 PUSH via H2Push of...

7.5CVSS8.3AI score0.89744EPSS
In wild
CVE
CVE
added 2019/10/16 3:23 p.m.250 views

CVE-2019-11281

CVE-2019-11281 affects Pivotal RabbitMQ and RabbitMQ for PCF where two UI components (virtual host limits page and federation management UI) fail to sanitize user input. A remote authenticated administrator could craft a cross-site scripting attack to access virtual hosts and policy management in...

4.8CVSS4.9AI score0.01165EPSS
CVE
CVE
added 2023/01/18 12:0 a.m.133 views

CVE-2022-3100

The CVE-2022-3100 issue affects the openstack-barbican component and enables an access policy bypass via a query string when calling the API. This vulnerability is discussed across multiple sources, with explicit confirmation in the SUSE-SU-2023:0071-1 security update: openstack-barbican Fixes CV...

5.9CVSS5.4AI score0.00433EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.108 views

CVE-2022-3146

CVE-2022-3146 is described in public advisories as a vulnerability in Red Hat OpenStack Platform (tripleo-ansible) where an insecure default configuration leaves a sensitive file with insufficient permissions. This can allow a local attacker to brute-force the relevant directory and discover the ...

5.5CVSS4.9AI score0.002EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.102 views

CVE-2022-3101

The CVE-2022-3101 entry affects tripleo-ansible, where an insecure default configuration leaves a sensitive file with insufficient permissions. This enables a local attacker to brute-force the relevant directory to discover the file, leading to disclosure of important OpenStack deployment configu...

5.5CVSS4.9AI score0.00201EPSS