rpm package
suse/venv-openstack-horizon&distro=SUSE OpenStack Cloud 9
pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209
Vulnerabilities (115)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-22816 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Jan 7, 2022 | path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. | ||
| CVE-2022-22815 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Jan 7, 2022 | path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. | ||
| CVE-2021-44716 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Jan 1, 2022 | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | ||
| CVE-2021-4104 | — | < 14.1.1~dev11-4.31.1 | 14.1.1~dev11-4.31.1 | Dec 14, 2021 | JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t | ||
| CVE-2021-43818 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Dec 13, 2021 | lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a s | ||
| CVE-2021-43813 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Dec 10, 2021 | Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files wi | ||
| CVE-2021-41184 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Oct 26, 2021 | jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option | ||
| CVE-2021-41183 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Oct 26, 2021 | jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text | ||
| CVE-2021-41182 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Oct 26, 2021 | jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altFi | ||
| CVE-2021-41136 | — | < 14.1.1~dev11-4.29.1 | 14.1.1~dev11-4.29.1 | Oct 12, 2021 | Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the p | ||
| CVE-2021-39226 | — | KEV | < 14.1.1~dev11-4.41.1 | 14.1.1~dev11-4.41.1 | Oct 5, 2021 | Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public | |
| CVE-2021-40085 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Aug 31, 2021 | An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value. | ||
| CVE-2021-38155 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Aug 6, 2021 | OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, an | ||
| CVE-2021-33203 | — | < 14.1.1~dev11-4.27.3 | 14.1.1~dev11-4.27.3 | Jun 8, 2021 | Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs te | ||
| CVE-2021-33571 | — | < 14.1.1~dev11-4.27.3 | 14.1.1~dev11-4.27.3 | Jun 8, 2021 | In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4 | ||
| CVE-2020-10743 | — | < 14.1.1~dev6-4.18.3 | 14.1.1~dev6-4.18.3 | Jun 2, 2021 | It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, | ||
| CVE-2021-21419 | — | < 14.1.1~dev11-4.29.1 | 14.1.1~dev11-4.29.1 | May 7, 2021 | Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts web | ||
| CVE-2021-31542 | — | < 14.1.1~dev11-4.27.3 | 14.1.1~dev11-4.27.3 | May 5, 2021 | In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | ||
| CVE-2021-28658 | — | < 14.1.1~dev11-4.27.3 | 14.1.1~dev11-4.27.3 | Apr 6, 2021 | In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability. | ||
| CVE-2021-28957 | — | < 14.1.1~dev11-4.39.1 | 14.1.1~dev11-4.39.1 | Mar 21, 2021 | An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit thi |
- CVE-2022-22816Jan 7, 2022affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
- CVE-2022-22815Jan 7, 2022affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
- CVE-2021-44716Jan 1, 2022affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
- CVE-2021-4104Dec 14, 2021affected < 14.1.1~dev11-4.31.1fixed 14.1.1~dev11-4.31.1
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t
- CVE-2021-43818Dec 13, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a s
- CVE-2021-43813Dec 10, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files wi
- CVE-2021-41184Oct 26, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option
- CVE-2021-41183Oct 26, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text
- CVE-2021-41182Oct 26, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altFi
- CVE-2021-41136Oct 12, 2021affected < 14.1.1~dev11-4.29.1fixed 14.1.1~dev11-4.29.1
Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the p
- affected < 14.1.1~dev11-4.41.1fixed 14.1.1~dev11-4.41.1
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public
- CVE-2021-40085Aug 31, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
- CVE-2021-38155Aug 6, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, an
- CVE-2021-33203Jun 8, 2021affected < 14.1.1~dev11-4.27.3fixed 14.1.1~dev11-4.27.3
Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs te
- CVE-2021-33571Jun 8, 2021affected < 14.1.1~dev11-4.27.3fixed 14.1.1~dev11-4.27.3
In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4
- CVE-2020-10743Jun 2, 2021affected < 14.1.1~dev6-4.18.3fixed 14.1.1~dev6-4.18.3
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana,
- CVE-2021-21419May 7, 2021affected < 14.1.1~dev11-4.29.1fixed 14.1.1~dev11-4.29.1
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts web
- CVE-2021-31542May 5, 2021affected < 14.1.1~dev11-4.27.3fixed 14.1.1~dev11-4.27.3
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
- CVE-2021-28658Apr 6, 2021affected < 14.1.1~dev11-4.27.3fixed 14.1.1~dev11-4.27.3
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
- CVE-2021-28957Mar 21, 2021affected < 14.1.1~dev11-4.39.1fixed 14.1.1~dev11-4.39.1
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit thi
Page 2 of 6