Log in / Register

tripleo

  • Overview
  • Code
  • Bugs
  • Blueprints
  • Translations
  • Answers

CVEs related to bugs in tripleo

Open bugs

Bug CVE(s)
Bug #1931132: plain password logged in rhel-registration actions CVE-2021-3585
tripleo In progress (unassigned)

Resolved bugs

Bug CVE(s)
Bug #1494896: tripleo-heat-templates: unsafe pipeline ordering of swift staticweb middleware CVE-2015-5271
tripleo Fix released, assigned to Emilien Macchi
Bug #1651831: [CVE-2016-9599] undercloud firewall opening all ports with ssl enabled CVE-2016-9599
tripleo Fix released, assigned to Emilien Macchi
Bug #1677315: openstack-tripleo-common: sudoers file is too permissive CVE-2017-2627
tripleo Expired (unassigned)
Bug #1730370: Potential privilege escalation with the default libvirtd TLS config CVE-2017-15114
tripleo Fix released, assigned to Juan Antonio Osorio Robles
Bug #1754607: CVE-2018-1000115 memcached: UDP server support allows spoofed traffic amplification DoS CVE-2018-1000115
tripleo Fix released, assigned to Emilien Macchi
Bug #1777140: ntpd on undercloud is not configured CVE-2013-5211
tripleo Fix released, assigned to Alex Schultz
Bug #1859137: Possible DoS via dbus socket available in containers CVE-2020-1690
tripleo Fix released (unassigned)
Bug #1880947: No sVirt protection for VMs due to disabled SELinux in 'nova_libvirt' container. CVE-2020-10731
tripleo Fix released, assigned to Cédric Jeanneret
Bug #1955397: [keystone_authtoken] www_authenticate_uri should be public endpoint instead of internal endpoint CVE-2021-4180
tripleo Fix released, assigned to Takashi Kajinami
Launchpad  •  Take the tour  •  Read the guide  
© 2004-2022 Canonical Ltd.  •  Terms of use  •  Data privacy  •  Contact Launchpad Support  •  Blog  •  Careers  •  System status  •  rb94d9e1 (Get the code!)