rpm package
suse/openstack-neutron-doc&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-2614 | — | < 9.4.2~dev21-7.35.1 | 9.4.2~dev21-7.35.1 | Apr 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces | ||
| CVE-2018-19039 | — | < 9.4.2~dev21-7.32.1 | 9.4.2~dev21-7.32.1 | Dec 13, 2018 | Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. | ||
| CVE-2018-15727 | — | < 9.4.2~dev21-7.32.1 | 9.4.2~dev21-7.32.1 | Aug 29, 2018 | Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. | ||
| CVE-2017-15139 | — | < 9.4.2~dev21-7.27.3 | 9.4.2~dev21-7.27.3 | Aug 27, 2018 | A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to lea | ||
| CVE-2016-10127 | Cri | 9.0 | < 9.4.2~dev21-7.32.1 | 9.4.2~dev21-7.32.1 | Mar 3, 2017 | PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. | |
| CVE-2016-0775 | Med | 6.5 | < 9.4.2~dev21-7.43.1 | 9.4.2~dev21-7.43.1 | Apr 13, 2016 | Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file. | |
| CVE-2015-3448 | — | < 9.4.2~dev21-7.38.1 | 9.4.2~dev21-7.38.1 | Apr 29, 2015 | REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log. |
- CVE-2019-2614Apr 23, 2019affected < 9.4.2~dev21-7.35.1fixed 9.4.2~dev21-7.35.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces
- CVE-2018-19039Dec 13, 2018affected < 9.4.2~dev21-7.32.1fixed 9.4.2~dev21-7.32.1
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
- CVE-2018-15727Aug 29, 2018affected < 9.4.2~dev21-7.32.1fixed 9.4.2~dev21-7.32.1
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
- CVE-2017-15139Aug 27, 2018affected < 9.4.2~dev21-7.27.3fixed 9.4.2~dev21-7.27.3
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to lea
- affected < 9.4.2~dev21-7.32.1fixed 9.4.2~dev21-7.32.1
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.
- affected < 9.4.2~dev21-7.43.1fixed 9.4.2~dev21-7.43.1
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.
- CVE-2015-3448Apr 29, 2015affected < 9.4.2~dev21-7.38.1fixed 9.4.2~dev21-7.38.1
REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Page 2 of 2