cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-6110,https://securityvulnerability.io/vulnerability/CVE-2023-6110,Scope Deletion Vulnerability Affects OpenStack Security,"A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.",Red Hat,"Red Hat Openstack Platform 17.1 For Rhel 8,Red Hat Openstack Platform 17.1 For Rhel 9,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.0,Red Hat Openstack Platform 18.0",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-11-17T11:15:00.000Z,0
CVE-2024-4438,https://securityvulnerability.io/vulnerability/CVE-2024-4438,Incomplete Fix for CVE-2023-39325/CVE-2023-44487 in Red Hat OpenStack Platform,"The etcd package in the Red Hat OpenStack platform is vulnerable due to an incomplete fix related to previous CVEs, specifically CVE-2023-39325 and CVE-2023-44487, commonly referred to as Rapid Reset. This vulnerability arises because the etcd package utilizes the http://golang.org/x/net/http2 source instead of the properly managed version from Red Hat Enterprise Linux. This misconfiguration necessitates an update at compile time to ensure the integrity and security of the Red Hat OpenStack implementation. Organizations using affected versions should consider immediate remediation to mitigate potential security risks.",Red Hat,"Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1 For Rhel 9,Red Hat Openstack Platform 18.0",7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-05-08T08:59:42.187Z,0
CVE-2024-1394,https://securityvulnerability.io/vulnerability/CVE-2024-1394,Memory Leak Vulnerability in Golang RSA Code Could Lead to Resource Exhaustion,"A memory leak flaw has been identified in the RSA encrypting and decrypting code of the Golang FIPS OpenSSL library. This issue arises from improper handling of named return parameters, specifically within the RSA library's context initialization process. When errors occur during context initialization or property settings, the related pointers, namely 'pkey' and 'ctx', are left unfreed, leading to a potential resource exhaustion vulnerability. Attackers can exploit this flaw through crafted inputs, causing the application to exhaust memory resources.",Red Hat,"Red Hat Ansible Automation Platform 2.4 For Rhel 8,Red Hat Ansible Automation Platform 2.4 For Rhel 9,Red Hat Developer Tools,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1 For Rhel 8,Red Hat Openstack Platform 17.1 For Rhel 9,Rhodf-4.16-rhel-9,Nbde Tang Server,Openshift Developer Tools And Services,Openshift Pipelines,Openshift Serverless,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Certification For Red Hat Enterprise Linux 8,Red Hat Certification For Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Dev Spaces,Red Hat Openshift Gitops,Red Hat Openshift On Aws,Red Hat Openshift Virtualization 4,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 17.1,Red Hat Openstack Platform 18.0,Red Hat Service Interconnect 1,Red Hat Software Collections,Red Hat Storage 3",7.5,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-03-21T12:16:38.790Z,0
CVE-2023-6725,https://securityvulnerability.io/vulnerability/CVE-2023-6725,Private Configuration Information Exposed in OpenStack Designate,An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.,Red Hat,"Red Hat Openstack Platform 17.1 For Rhel 8,Red Hat Openstack Platform 17.1 For Rhel 9,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1,Red Hat Openstack Platform 18.0",6.6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-03-15T12:38:23.158Z,0
CVE-2024-1141,https://securityvulnerability.io/vulnerability/CVE-2024-1141,Glance-store: glance store access key logged in debug log level,A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.,Red Hat,"Red Hat Openstack Platform 17.1 For Rhel 9,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 18.0",5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-02-01T14:21:37.758Z,0
CVE-2023-5625,https://securityvulnerability.io/vulnerability/CVE-2023-5625,Python-eventlet: patch regression for cve-2021-21419 in some red hat builds,"A regression has been identified in the Red Hat build of python-eventlet. This issue arose from a modification in the patch application strategy, leading to the failure of a critical patch for CVE-2021-21419 to be applied across all builds of Red Hat products. Consequently, users may be exposed to vulnerabilities stemming from this oversight, impacting the security and stability of affected systems.",Red Hat,"Ironic Content For Red Hat Openshift Container Platform 4.12,Red Hat Openstack Platform 17.1 For Rhel 8,Red Hat Openstack Platform 17.1 For Rhel 9",7.5,HIGH,0.001509999972768128,false,,false,false,false,,,false,false,,2023-11-01T14:15:00.000Z,0