[Debian] Medium CVE: CVE-2022-3100: barbican: an access policy bypass via a query string
Bug #2021469 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
ZhangXiao |
Bug Description
CVE-2022-3100: https:/
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
Base Score: Medium
References:
https:/
https:/
barbican_
barbican is a source package in upstream repository
CVE References
Changed in starlingx: | |
assignee: | nobody → ZhangXiao (zhangxiao-windriver) |
To post a comment you must log in.
Fixed by: https:/ /review. opendev. org/c/starlingx /upstream/ +/886885 which merged on June 26.