Filtered by vendor Opendev
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44020 | 2 Fedoraproject, Opendev | 3 Fedora, Sushy-tools, Virtualbmc | 2023-11-07 | 5.5 Medium |
| An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration." | ||||
| CVE-2019-17134 | 2 Canonical, Opendev | 2 Ubuntu Linux, Octavia | 2023-11-07 | 9.1 Critical |
| Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED. | ||||
Page 1 of 1.