Moderate severityNVD Advisory· Published Apr 12, 2024· Updated Aug 15, 2024
CVE-2024-28718
CVE-2024-28718
Description
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
magnumPyPI | < 14.1.2 | 14.1.2 |
magnumPyPI | >= 17.0.0.0rc1, < 17.0.2 | 17.0.2 |
magnumPyPI | >= 16.0.0.0rc1, < 16.0.2 | 16.0.2 |
magnumPyPI | >= 15.0.0.0rc1, < 15.0.2 | 15.0.2 |
Affected products
2- OpenStack/magnumdescription
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-jx7x-9r98-h5xrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-28718ghsaADVISORY
- bugs.launchpad.net/magnum/+bug/2047690ghsaWEB
- gist.github.com/Fewword/f098d8d6375ac25e27b18c0e57be532fghsaWEB
- github.com/openstack/magnum/commit/272fd686d8c8bf5954e9e7d3bc991ff27e46184dghsaWEB
- github.com/openstack/magnum/commit/312aa6a86ac8e62f6ed4f1e9473fdabbbb7a4b1eghsaWEB
- github.com/openstack/magnum/commit/883b40b5b0ecfc5f78758143c0d3c754458f12b7ghsaWEB
- github.com/openstack/magnum/commit/e79907c521149872c1b495355a3a7b3a0c7e3479ghsaWEB
- review.opendev.org/c/openstack/magnum/+/907305ghsaWEB
News mentions
0No linked articles in our index yet.