PyPI package
vitrage
pkg:pypi/vitrage
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-28370 | — | >= 15.0.0.0rc1, < 15.0.1 | 15.0.1 | Feb 27, 2026 | In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and f |
- CVE-2026-28370Feb 27, 2026affected >= 15.0.0.0rc1, < 15.0.1fixed 15.0.1
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and f