rpm package
suse/openstack-horizon-plugin-designate-ui&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/openstack-horizon-plugin-designate-ui&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-15139 | — | < 3.0.2~dev1-3.9.3 | 3.0.2~dev1-3.9.3 | Aug 27, 2018 | A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to lea | ||
| CVE-2018-14432 | — | < 3.0.2~dev1-3.6.1 | 3.0.2~dev1-3.6.1 | Jul 31, 2018 | In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access |
- CVE-2017-15139Aug 27, 2018affected < 3.0.2~dev1-3.9.3fixed 3.0.2~dev1-3.9.3
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to lea
- CVE-2018-14432Jul 31, 2018affected < 3.0.2~dev1-3.6.1fixed 3.0.2~dev1-3.6.1
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access