Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-5836-grcc-8j89: OpenStack Heat information leak vulnerability

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the ‘stack show’ command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.

ghsa
#vulnerability#git#auth

OpenStack Heat information leak vulnerability

High severity GitHub Reviewed Published Sep 24, 2023 to the GitHub Advisory Database • Updated Sep 27, 2023

Related news

CVE-2023-1625: Invalid Bug ID

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.

Ubuntu Security Notice USN-6293-1

Ubuntu Security Notice 6293-1 - It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data.

Ubuntu Security Notice USN-6066-1

Ubuntu Security Notice 6066-1 - It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data.

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP