VYPR

rpm package

suse/openstack-ceilometer&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (4)

  • CVE-2018-1000872Dec 20, 2018
    affected < 7.1.1~dev4-4.15.3fixed 7.1.1~dev4-4.15.3

    OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets.

  • CVE-2017-1000433HigJan 2, 2018
    affected < 7.1.1~dev4-4.15.3fixed 7.1.1~dev4-4.15.3

    pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.

  • CVE-2017-7400MedApr 3, 2017
    affected < 7.0.4~a0~dev7-3.1fixed 7.0.4~a0~dev7-3.1

    OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.

  • CVE-2017-7214CriMar 21, 2017
    affected < 7.0.4~a0~dev7-3.1fixed 7.0.4~a0~dev7-3.1

    An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization