Moderate severityNVD Advisory· Published Sep 24, 2023· Updated Sep 24, 2024
Incomplete container isolation
CVE-2023-1636
Description
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
barbicanPyPI | <= 16.0.0 | — |
Affected products
6- RDO/OpenStack RDOv5
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-6rx9-c2rh-3qv4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-1636ghsaADVISORY
- access.redhat.com/security/cve/CVE-2023-1636ghsavdb-entryx_refsource_REDHATWEB
- bugzilla.redhat.com/show_bug.cgighsaissue-trackingx_refsource_REDHATWEB
News mentions
0No linked articles in our index yet.