Openstack Security Vulnerabilities and Issues — Openstack CVE List

Lucene search

RedhatOpenstack

17 matches found

CVE•added 2022/02/18 6:15 p.m.•838 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

8.5CVSS8.1AI score0.00154EPSS

CVE•added 2018/10/08 3:29 p.m.•538 views

CVE-2018-1000807

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on t...

8.1CVSS8.4AI score0.04509EPSS

CVE•added 2018/08/09 8:29 p.m.•389 views

CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side co...

8.5CVSS7.3AI score0.01557EPSS

CVE•added 2022/03/04 7:15 p.m.•321 views

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malici...

8.8CVSS8.6AI score0.00057EPSS

CVE•added 2019/12/26 5:15 p.m.•228 views

CVE-2019-16789

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitesp...

8.2CVSS6.8AI score0.0035EPSS

CVE•added 2018/06/13 4:29 p.m.•218 views

CVE-2018-11806

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

8.2CVSS8.4AI score0.00055EPSS

CVE•added 2018/06/22 1:29 p.m.•145 views

CVE-2017-7466

Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the A...

8.5CVSS8AI score0.02503EPSS

CVE•added 2016/05/11 9:59 p.m.•137 views

CVE-2016-3710

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

8.8CVSS8.7AI score0.00086EPSS

CVE•added 2019/06/03 7:29 p.m.•121 views

CVE-2019-3895

An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to ...

8CVSS7.6AI score0.00691EPSS

CVE•added 2019/08/01 2:15 p.m.•105 views

CVE-2018-10899

A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.

8.8CVSS8.7AI score0.02129EPSS

CVE•added 2016/04/12 2:0 a.m.•104 views

CVE-2016-2857

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

8.4CVSS6.6AI score0.00058EPSS

CVE•added 2016/04/12 2:0 a.m.•102 views

CVE-2016-1568

Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.

8.8CVSS9.2AI score0.0033EPSS

CVE•added 2016/04/07 7:59 p.m.•100 views

CVE-2016-1714

The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) ...

8.1CVSS8.5AI score0.00158EPSS

CVE•added 2022/12/21 11:14 p.m.•75 views

CVE-2022-38065

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges.

8.8CVSS8.8AI score0.00077EPSS

CVE•added 2018/08/22 5:29 p.m.•54 views

CVE-2017-2627

A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal wi...

8.2CVSS8.2AI score0.00074EPSS

CVE•added 2018/07/30 5:29 p.m.•53 views

CVE-2018-10898

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.

8.8CVSS8.5AI score0.00177EPSS

CVE•added 2016/06/30 4:59 p.m.•45 views

CVE-2016-4474

The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors.

8.8CVSS8.8AI score0.00172EPSS