本ページは redhat openstack に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-10141 | A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Be | [email protected] | 8.3 | 2.46% | 2019-07-30 | 2026-06-16 |
| CVE-2019-10193 | A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer. | [email protected] | 7.2 | 23.70% | 2019-07-11 | 2026-06-16 |
| CVE-2019-10192 | A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. | [email protected] | 7.2 | 26.05% | 2019-07-11 | 2026-06-16 |
| CVE-2019-3895 | An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to spawn new amphorae, Octavia would then pick up the compromised image. | [email protected] | 8.0 | 1.42% | 2019-06-03 | 2026-06-16 |
| CVE-2019-0223 | While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic. | [email protected] | 7.4 | 6.15% | 2019-04-23 | 2026-06-16 |
| CVE-2019-10876 | An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected. | [email protected] | 6.5 | 1.76% | 2019-04-05 | 2026-06-16 |
| CVE-2019-3830 | A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated. | [email protected] | 7.8 | 0.39% | 2019-03-26 | 2026-06-16 |
| CVE-2018-16856 | In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure. | [email protected] | 5.5 | 0.88% | 2019-03-26 | 2026-06-16 |
| CVE-2019-9735 | An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group dri | [email protected] | 6.5 | 3.64% | 2019-03-12 | 2026-06-16 |
| CVE-2018-16876 | ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. | [email protected] | 5.3 | 2.46% | 2019-01-03 | 2026-06-16 |
| CVE-2016-2121 | A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information. | [email protected] | 4.0 | 0.37% | 2018-10-31 | 2026-06-16 |
| CVE-2018-18438 | Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | [email protected] | 5.5 | 0.44% | 2018-10-19 | 2026-06-16 |
| CVE-2018-17963 | qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | [email protected] | 9.8 | 4.78% | 2018-10-09 | 2026-06-16 |
| CVE-2018-1000808 | Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends upon calling application, however it could be as simple as initiating a TLS connection. Anything that would cause the calling application to reload certificates from a PKCS #12 store.. This vulnerability | [email protected] | 5.9 | 1.90% | 2018-10-08 | 2026-06-16 |
| CVE-2018-1000807 | Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0. | [email protected] | 8.1 | 4.08% | 2018-10-08 | 2026-06-16 |
| CVE-2018-17206 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. | [email protected] | 4.9 | 2.05% | 2018-09-19 | 2026-06-16 |
| CVE-2018-17205 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundl | [email protected] | 7.5 | 2.53% | 2018-09-19 | 2026-06-16 |
| CVE-2018-17204 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default. | [email protected] | 4.3 | 1.91% | 2018-09-19 | 2026-06-16 |
| CVE-2018-14635 | When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable. | [email protected] | 6.5 | 2.53% | 2018-09-10 | 2026-06-16 |
| CVE-2018-14620 | The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. This could potentially allow an attacker to serve malicious code to the image builder and install in the resultant container image. Version of openstack-rabbitmq-container and openstack-containers as shipped with Red Hat Openstack 12, 13, 14 are believed to be vulnerable. | [email protected] | 4.7 | 0.60% | 2018-09-10 | 2026-06-16 |