cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-3895,https://securityvulnerability.io/vulnerability/CVE-2019-3895,Access Control Flaw in Octavia Service for Red Hat OpenStack Platform,"An access-control flaw in the Octavia service allows attackers to deploy vulnerable amphorae images in the Red Hat OpenStack Platform. This flaw lets remote attackers upload compromised images which, when spawning new amphorae, Octavia unwittingly utilizes, potentially leading to security breaches and elevated privileges.",Red Hat,Openstack-tripleo-common,5.5,MEDIUM,0.00406000018119812,false,,false,false,false,,,false,false,,2019-06-03T18:04:56.000Z,0
CVE-2017-2627,https://securityvulnerability.io/vulnerability/CVE-2017-2627,,A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal with '..' and it grants full passwordless root access to the validations user.,Red Hat,Openstack-tripleo-common,8.2,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-08-22T17:00:00.000Z,0