Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-1625
Vulnerability from cvelistv5
Published
2023-09-24 00:08
Modified
2024-09-24 14:59
Severity ?
EPSS score ?
Summary
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-1625 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2181621 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb | Patch | |
| secalert@redhat.com | https://launchpad.net/bugs/1999665 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-1625 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2181621 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1999665 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | n/a | openstack-heat | |||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:57:24.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { name: "RHBZ#2181621", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { tags: [ "x_transferred", ], url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { tags: [ "x_transferred", ], url: "https://launchpad.net/bugs/1999665", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-1625", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-24T14:59:09.559299Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-24T14:59:25.505Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "openstack-heat", vendor: "n/a", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:openstack:13", ], defaultStatus: "unknown", packageName: "openstack-heat", product: "Red Hat OpenStack Platform 13 (Queens)", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:openstack:16.1", ], defaultStatus: "affected", packageName: "openstack-heat", product: "Red Hat OpenStack Platform 16.1", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:openstack:16.2", ], defaultStatus: "affected", packageName: "openstack-heat", product: "Red Hat OpenStack Platform 16.2", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:openstack:17.0", ], defaultStatus: "affected", packageName: "openstack-heat", product: "Red Hat OpenStack Platform 17.0", vendor: "Red Hat", }, { collectionURL: "https://repos.fedorapeople.org/repos/openstack/", defaultStatus: "affected", packageName: "openstack-heat", product: "OpenStack RDO", vendor: "RDO", }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Chengen Du (Canonical) for reporting this issue.", }, ], datePublic: "2023-01-27T00:00:00+00:00", descriptions: [ { lang: "en", value: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-202", description: "Exposure of Sensitive Information Through Data Queries", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-24T00:08:12.738Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { name: "RHBZ#2181621", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { url: "https://launchpad.net/bugs/1999665", }, ], timeline: [ { lang: "en", time: "2023-03-24T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-01-27T00:00:00+00:00", value: "Made public.", }, ], title: "Information leak in api", x_redhatCweChain: "CWE-202: Exposure of Sensitive Information Through Data Queries", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-1625", datePublished: "2023-09-24T00:08:12.738Z", dateReserved: "2023-03-24T19:25:35.529Z", dateUpdated: "2024-09-24T14:59:25.505Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2023-1625\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-09-24T01:15:43.577\",\"lastModified\":\"2024-11-21T07:39:34.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.\"},{\"lang\":\"es\",\"value\":\"Se descubrió una fuga de información en OpenStack Heat. Este problema podría permitir que un atacante remoto y autenticado utilice el comando 'stack show' para revelar parámetros que se supone deben permanecer ocultos. Esto tiene un impacto bajo en la confidencialidad, integridad y disponibilidad del sistema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.1,\"impactScore\":3.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-202\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openstack:heat:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35EFBEEB-51E5-4202-A451-7C1B72E72497\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C52600BF-9E87-4CD2-91F3-685AFE478C1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7076B1E-0529-43CC-828B-45C2ED11F9F6\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2023-1625\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2181621\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://launchpad.net/bugs/1999665\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2023-1625\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2181621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://launchpad.net/bugs/1999665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2023-1625\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2181621\", \"name\": \"RHBZ#2181621\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://launchpad.net/bugs/1999665\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:57:24.554Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-1625\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-24T14:59:09.559299Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-24T14:59:19.615Z\"}}], \"cna\": {\"title\": \"Information leak in api\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Chengen Du (Canonical) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"openstack-heat\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:13\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 13 (Queens)\", \"packageName\": \"openstack-heat\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.1\", \"packageName\": \"openstack-heat\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"packageName\": \"openstack-heat\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.0\", \"packageName\": \"openstack-heat\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"vendor\": \"RDO\", \"product\": \"OpenStack RDO\", \"packageName\": \"openstack-heat\", \"collectionURL\": \"https://repos.fedorapeople.org/repos/openstack/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-03-24T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2023-01-27T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2023-01-27T00:00:00+00:00\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2023-1625\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2181621\", \"name\": \"RHBZ#2181621\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb\"}, {\"url\": \"https://launchpad.net/bugs/1999665\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-202\", \"description\": \"Exposure of Sensitive Information Through Data Queries\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2023-09-24T00:08:12.738Z\"}, \"x_redhatCweChain\": \"CWE-202: Exposure of Sensitive Information Through Data Queries\"}}", cveMetadata: "{\"cveId\": \"CVE-2023-1625\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-24T14:59:25.505Z\", \"dateReserved\": \"2023-03-24T19:25:35.529Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2023-09-24T00:08:12.738Z\", \"assignerShortName\": \"redhat\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
suse-su-2023:2379-1
Vulnerability from csaf_suse
Published
2023-06-05 14:39
Modified
2023-06-05 14:39
Summary
Security update for openstack-heat, python-Werkzeug
Notes
Title of the patch
Security update for openstack-heat, python-Werkzeug
Description of the patch
This update for openstack-heat, python-Werkzeug contains the following fixes:
Security fixes included on this update:
openstack-heat:
- CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment. (bsc#1209774)
python-Werkzeug:
- CVE-2023-25577: Fixed an unbounded resource usage when parsing multipart forms with many fields. (bsc#1208283)
Patchnames
HPE-Helion-OpenStack-8-2023-2379,SUSE-2023-2379,SUSE-OpenStack-Cloud-8-2023-2379,SUSE-OpenStack-Cloud-Crowbar-8-2023-2379
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openstack-heat, python-Werkzeug", title: "Title of the patch", }, { category: "description", text: "This update for openstack-heat, python-Werkzeug contains the following fixes:\n\nSecurity fixes included on this update:\n\nopenstack-heat:\n- CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment. (bsc#1209774)\n\npython-Werkzeug:\n- CVE-2023-25577: Fixed an unbounded resource usage when parsing multipart forms with many fields. (bsc#1208283)\n ", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2023-2379,SUSE-2023-2379,SUSE-OpenStack-Cloud-8-2023-2379,SUSE-OpenStack-Cloud-Crowbar-8-2023-2379", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2379-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2379-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232379-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2379-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-June/029723.html", }, { category: "self", summary: "SUSE Bug 1208283", url: "https://bugzilla.suse.com/1208283", }, { category: "self", summary: "SUSE Bug 1209774", url: "https://bugzilla.suse.com/1209774", }, { category: "self", summary: "SUSE CVE CVE-2023-1625 page", url: "https://www.suse.com/security/cve/CVE-2023-1625/", }, { category: "self", summary: "SUSE CVE CVE-2023-25577 page", url: "https://www.suse.com/security/cve/CVE-2023-25577/", }, ], title: "Security update for openstack-heat, python-Werkzeug", tracking: { current_release_date: "2023-06-05T14:39:04Z", generator: { date: "2023-06-05T14:39:04Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2379-1", initial_release_date: "2023-06-05T14:39:04Z", revision_history: [ { date: "2023-06-05T14:39:04Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openstack-heat-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch", product: { name: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch", product_id: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "python-Werkzeug-0.12.2-3.6.2.noarch", product: { name: "python-Werkzeug-0.12.2-3.6.2.noarch", product_id: "python-Werkzeug-0.12.2-3.6.2.noarch", }, }, { category: "product_version", name: "python-heat-9.0.8~dev22-3.30.3.noarch", product: { name: "python-heat-9.0.8~dev22-3.30.3.noarch", product_id: "python-heat-9.0.8~dev22-3.30.3.noarch", }, }, { category: "product_version", name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", product: { name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", product_id: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", }, }, { category: "product_version", name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", product: { name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", product_id: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", }, }, { category: "product_version", name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", product: { name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", product_id: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", }, }, { category: "product_version", name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", product: { name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", product_id: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", }, }, { category: "product_version", name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", product: { name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", product_id: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", }, }, { category: "product_version", name: "python3-Werkzeug-0.12.2-3.6.2.noarch", product: { name: "python3-Werkzeug-0.12.2-3.6.2.noarch", product_id: "python3-Werkzeug-0.12.2-3.6.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openstack-heat-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-Werkzeug-0.12.2-3.6.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", }, product_reference: "python-Werkzeug-0.12.2-3.6.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-heat-9.0.8~dev22-3.30.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", }, product_reference: "python-heat-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", }, product_reference: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", }, product_reference: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", }, product_reference: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", }, product_reference: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", }, product_reference: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-Werkzeug-0.12.2-3.6.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", }, product_reference: "python-Werkzeug-0.12.2-3.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-heat-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", }, product_reference: "python-heat-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", }, product_reference: "venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", }, product_reference: "venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", }, product_reference: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", }, product_reference: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", }, product_reference: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", }, product_reference: "openstack-heat-test-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-Werkzeug-0.12.2-3.6.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", }, product_reference: "python-Werkzeug-0.12.2-3.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-heat-9.0.8~dev22-3.30.3.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", }, product_reference: "python-heat-9.0.8~dev22-3.30.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1625", }, ], notes: [ { category: "general", text: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-1625", url: "https://www.suse.com/security/cve/CVE-2023-1625", }, { category: "external", summary: "SUSE Bug 1209774 for CVE-2023-1625", url: "https://bugzilla.suse.com/1209774", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-06-05T14:39:04Z", details: "important", }, ], title: "CVE-2023-1625", }, { cve: "CVE-2023-25577", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-25577", }, ], notes: [ { category: "general", text: "Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-25577", url: "https://www.suse.com/security/cve/CVE-2023-25577", }, { category: "external", summary: "SUSE Bug 1208283 for CVE-2023-25577", url: "https://bugzilla.suse.com/1208283", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:python-Werkzeug-0.12.2-3.6.2.noarch", "HPE Helion OpenStack 8:python-heat-9.0.8~dev22-3.30.3.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud 8:python-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.45.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.51.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.46.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.47.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.46.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cfn-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-api-cloudwatch-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-doc-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-engine-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-plugin-heat_docker-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-test-9.0.8~dev22-3.30.3.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Werkzeug-0.12.2-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-heat-9.0.8~dev22-3.30.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-06-05T14:39:04Z", details: "important", }, ], title: "CVE-2023-25577", }, ], }
suse-su-2023:2378-1
Vulnerability from csaf_suse
Published
2023-06-05 14:38
Modified
2023-06-05 14:38
Summary
Security update for openstack-heat, openstack-swift, python-Werkzeug
Notes
Title of the patch
Security update for openstack-heat, openstack-swift, python-Werkzeug
Description of the patch
This update for openstack-heat, openstack-swift, python-Werkzeug contains the following fixes:
Security fixes included in this update:
openstack-heat:
- CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment (bsc#1209774).
openstack-swift:
- CVE-2022-47950: Fixed a local file disclosure that could be triggered by an authenticated attacker by supplying a malicious XML (bnc#1207035).
python-Werkzeug:
- CVE-2023-25577: Fixed an unbounded resource usage when parsing multipart forms with many fields (bsc#1208283).
Non security changes on this update:
Changes in openstack-heat:
- Honor 'hidden' parameter in 'stack environment show' command. (bsc#1209774, CVE-2023-1625)
Changes in openstack-swift:
- Prevent XXE injections in API. (bsc#1207035, CVE-2022-47950)
Changes in python-Werkzeug;
- Limit maximum number of multipart form parts. (bsc#1208283, CVE-2023-25577)
Patchnames
SUSE-2023-2378,SUSE-OpenStack-Cloud-9-2023-2378,SUSE-OpenStack-Cloud-Crowbar-9-2023-2378
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openstack-heat, openstack-swift, python-Werkzeug", title: "Title of the patch", }, { category: "description", text: "This update for openstack-heat, openstack-swift, python-Werkzeug contains the following fixes:\n\nSecurity fixes included in this update:\n\nopenstack-heat:\n- CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment (bsc#1209774).\n\nopenstack-swift:\n- CVE-2022-47950: Fixed a local file disclosure that could be triggered by an authenticated attacker by supplying a malicious XML (bnc#1207035).\n\npython-Werkzeug:\n- CVE-2023-25577: Fixed an unbounded resource usage when parsing multipart forms with many fields (bsc#1208283).\n\nNon security changes on this update:\n\nChanges in openstack-heat:\n- Honor 'hidden' parameter in 'stack environment show' command. (bsc#1209774, CVE-2023-1625)\n\nChanges in openstack-swift:\n- Prevent XXE injections in API. (bsc#1207035, CVE-2022-47950)\n\nChanges in python-Werkzeug;\n- Limit maximum number of multipart form parts. (bsc#1208283, CVE-2023-25577)\n ", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2378,SUSE-OpenStack-Cloud-9-2023-2378,SUSE-OpenStack-Cloud-Crowbar-9-2023-2378", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2378-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2378-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232378-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2378-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-June/029724.html", }, { category: "self", summary: "SUSE Bug 1207035", url: "https://bugzilla.suse.com/1207035", }, { category: "self", summary: "SUSE Bug 1208283", url: "https://bugzilla.suse.com/1208283", }, { category: "self", summary: "SUSE Bug 1209774", url: "https://bugzilla.suse.com/1209774", }, { category: "self", summary: "SUSE CVE CVE-2022-47950 page", url: "https://www.suse.com/security/cve/CVE-2022-47950/", }, { category: "self", summary: "SUSE CVE CVE-2023-1625 page", url: "https://www.suse.com/security/cve/CVE-2023-1625/", }, { category: "self", summary: "SUSE CVE CVE-2023-25577 page", url: "https://www.suse.com/security/cve/CVE-2023-25577/", }, ], title: "Security update for openstack-heat, openstack-swift, python-Werkzeug", tracking: { current_release_date: "2023-06-05T14:38:36Z", generator: { date: "2023-06-05T14:38:36Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2378-1", initial_release_date: "2023-06-05T14:38:36Z", revision_history: [ { date: "2023-06-05T14:38:36Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openstack-heat-11.0.4~dev4-3.24.4.noarch", product: { name: "openstack-heat-11.0.4~dev4-3.24.4.noarch", product_id: "openstack-heat-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch", product: { name: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch", product_id: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", product: { name: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", product_id: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", product: { name: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", product_id: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", product: { name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", product_id: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "openstack-heat-test-11.0.4~dev4-3.24.4.noarch", product: { name: "openstack-heat-test-11.0.4~dev4-3.24.4.noarch", product_id: "openstack-heat-test-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "openstack-swift-2.19.3~dev3-3.6.3.noarch", product: { name: "openstack-swift-2.19.3~dev3-3.6.3.noarch", product_id: "openstack-swift-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch", product: { name: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch", product_id: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch", product: { name: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch", product_id: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch", product: { name: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch", product_id: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", product: { name: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", product_id: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "openstack-swift-test-2.19.3~dev3-3.6.3.noarch", product: { name: "openstack-swift-test-2.19.3~dev3-3.6.3.noarch", product_id: "openstack-swift-test-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "python-Werkzeug-0.14.1-3.6.2.noarch", product: { name: "python-Werkzeug-0.14.1-3.6.2.noarch", product_id: "python-Werkzeug-0.14.1-3.6.2.noarch", }, }, { category: "product_version", name: "python-heat-11.0.4~dev4-3.24.4.noarch", product: { name: "python-heat-11.0.4~dev4-3.24.4.noarch", product_id: "python-heat-11.0.4~dev4-3.24.4.noarch", }, }, { category: "product_version", name: "python-swift-2.19.3~dev3-3.6.3.noarch", product: { name: "python-swift-2.19.3~dev3-3.6.3.noarch", product_id: "python-swift-2.19.3~dev3-3.6.3.noarch", }, }, { category: "product_version", name: "python3-Werkzeug-0.14.1-3.6.2.noarch", product: { name: "python3-Werkzeug-0.14.1-3.6.2.noarch", product_id: "python3-Werkzeug-0.14.1-3.6.2.noarch", }, }, { category: "product_version", name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", product: { name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", product_id: "venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", }, }, { category: "product_version", name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", product: { name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", product_id: "venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", product: { name: "venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", product_id: "venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", }, }, { category: "product_version", name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", product: { name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", product_id: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", }, }, { category: "product_version", name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", product: { name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", product_id: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", }, }, { category: "product_version", name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", product: { name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", product_id: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", }, }, { category: "product_version", name: "venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", product: { name: "venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", product_id: "venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openstack-heat-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-Werkzeug-0.14.1-3.6.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", }, product_reference: "python-Werkzeug-0.14.1-3.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-heat-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", }, product_reference: "python-heat-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-swift-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", }, product_reference: "python-swift-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", }, product_reference: "venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", }, product_reference: "venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", }, product_reference: "venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", }, product_reference: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", }, product_reference: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", }, product_reference: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", }, product_reference: "venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-api-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-account-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-container-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-object-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", }, product_reference: "openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-Werkzeug-0.14.1-3.6.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", }, product_reference: "python-Werkzeug-0.14.1-3.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-heat-11.0.4~dev4-3.24.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", }, product_reference: "python-heat-11.0.4~dev4-3.24.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-swift-2.19.3~dev3-3.6.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", }, product_reference: "python-swift-2.19.3~dev3-3.6.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, ], }, vulnerabilities: [ { cve: "CVE-2022-47950", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-47950", }, ], notes: [ { category: "general", text: "An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-47950", url: "https://www.suse.com/security/cve/CVE-2022-47950", }, { category: "external", summary: "SUSE Bug 1207035 for CVE-2022-47950", url: "https://bugzilla.suse.com/1207035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-06-05T14:38:36Z", details: "important", }, ], title: "CVE-2022-47950", }, { cve: "CVE-2023-1625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1625", }, ], notes: [ { category: "general", text: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-1625", url: "https://www.suse.com/security/cve/CVE-2023-1625", }, { category: "external", summary: "SUSE Bug 1209774 for CVE-2023-1625", url: "https://bugzilla.suse.com/1209774", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-06-05T14:38:36Z", details: "important", }, ], title: "CVE-2023-1625", }, { cve: "CVE-2023-25577", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-25577", }, ], notes: [ { category: "general", text: "Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-25577", url: "https://www.suse.com/security/cve/CVE-2023-25577", }, { category: "external", summary: "SUSE Bug 1208283 for CVE-2023-25577", url: "https://bugzilla.suse.com/1208283", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud 9:python-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.43.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev9-3.42.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.41.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.41.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.3~dev3-2.36.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-account-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-container-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-object-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-swift-proxy-2.19.3~dev3-3.6.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Werkzeug-0.14.1-3.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.24.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-swift-2.19.3~dev3-3.6.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-06-05T14:38:36Z", details: "important", }, ], title: "CVE-2023-25577", }, ], }
WID-SEC-W-2023-2432
Vulnerability from csaf_certbund
Published
2023-09-24 22:00
Modified
2023-11-08 23:00
Summary
Red Hat OpenStack: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2432 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2432.json", }, { category: "self", summary: "WID-SEC-2023-2432 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2432", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:6231 vom 2023-11-09", url: "https://access.redhat.com/errata/RHSA-2023:6231", }, { category: "external", summary: "OpenStack Security Advisories vom 2023-09-24", url: "https://github.com/advisories/GHSA-6rx9-c2rh-3qv4", }, { category: "external", summary: "OpenStack Security Advisories vom 2023-09-24", url: "https://github.com/advisories/GHSA-6qqp-4vm3-359v", }, { category: "external", summary: "OpenStack Security Advisories vom 2023-09-24", url: "https://github.com/advisories/GHSA-5836-grcc-8j89", }, ], source_lang: "en-US", title: "Red Hat OpenStack: Mehrere Schwachstellen", tracking: { current_release_date: "2023-11-08T23:00:00.000+00:00", generator: { date: "2024-08-15T17:58:47.194+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2432", initial_release_date: "2023-09-24T22:00:00.000+00:00", revision_history: [ { date: "2023-09-24T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-11-08T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_name", name: "Red Hat OpenStack", product: { name: "Red Hat OpenStack", product_id: "T030057", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:-", }, }, }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1636", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Dieser Fehler besteht in den Barbican-Containern und wird durch eine unvollständige Container-Isolierung verursacht, da die Container denselben CGROUP-, USER- und NET-Namensraum mit dem Host-System und anderen Diensten teilen. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T030057", "67646", ], }, release_date: "2023-09-24T22:00:00.000+00:00", title: "CVE-2023-1636", }, { cve: "CVE-2023-1633", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Dieser Fehler besteht in der Barbican-Komponente, da die Konfigurationsdatei auf \"world-readable\" gesetzt ist. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T030057", "67646", ], }, release_date: "2023-09-24T22:00:00.000+00:00", title: "CVE-2023-1633", }, { cve: "CVE-2023-1625", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Dieser Fehler besteht in der Heat-Komponente, die es ermöglicht, mit dem Befehl \"stack show\" Parameter offenzulegen, die eigentlich verborgen bleiben sollten. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T030057", "67646", ], }, release_date: "2023-09-24T22:00:00.000+00:00", title: "CVE-2023-1625", }, ], }
wid-sec-w-2024-1767
Vulnerability from csaf_certbund
Published
2024-08-05 22:00
Modified
2024-08-05 22:00
Summary
Red Hat OpenStack: Schwachstelle ermöglicht Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.
Angriff
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1767 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1767.json", }, { category: "self", summary: "WID-SEC-2024-1767 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1767", }, { category: "external", summary: "GitHub Advisory Database vom 2024-08-05", url: "https://github.com/advisories/GHSA-2fqr-cx7q-3ph8", }, { category: "external", summary: "RedHat Customer Portal vom 2024-08-05", url: "https://access.redhat.com/security/cve/CVE-2024-7319", }, ], source_lang: "en-US", title: "Red Hat OpenStack: Schwachstelle ermöglicht Offenlegung von Informationen", tracking: { current_release_date: "2024-08-05T22:00:00.000+00:00", generator: { date: "2024-08-15T18:11:58.603+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2024-1767", initial_release_date: "2024-08-05T22:00:00.000+00:00", revision_history: [ { date: "2024-08-05T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "heat <=22.0.1", product: { name: "Red Hat OpenStack heat <=22.0.1", product_id: "T036616", }, }, ], category: "product_name", name: "OpenStack", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1625", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Diese besteht aufgrund einer unvollständigen Korrektur für CVE-2023-1625, die es ermöglicht, vertrauliche Informationen über den Befehl stack abandon offenzulegen, wenn die versteckte Funktion auf True gesetzt ist. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { last_affected: [ "T036616", ], }, release_date: "2024-08-05T22:00:00.000+00:00", title: "CVE-2023-1625", }, ], }
wid-sec-w-2023-2432
Vulnerability from csaf_certbund
Published
2023-09-24 22:00
Modified
2023-11-08 23:00
Summary
Red Hat OpenStack: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2432 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2432.json", }, { category: "self", summary: "WID-SEC-2023-2432 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2432", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:6231 vom 2023-11-09", url: "https://access.redhat.com/errata/RHSA-2023:6231", }, { category: "external", summary: "OpenStack Security Advisories vom 2023-09-24", url: "https://github.com/advisories/GHSA-6rx9-c2rh-3qv4", }, { category: "external", summary: "OpenStack Security Advisories vom 2023-09-24", url: "https://github.com/advisories/GHSA-6qqp-4vm3-359v", }, { category: "external", summary: "OpenStack Security Advisories vom 2023-09-24", url: "https://github.com/advisories/GHSA-5836-grcc-8j89", }, ], source_lang: "en-US", title: "Red Hat OpenStack: Mehrere Schwachstellen", tracking: { current_release_date: "2023-11-08T23:00:00.000+00:00", generator: { date: "2024-08-15T17:58:47.194+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2432", initial_release_date: "2023-09-24T22:00:00.000+00:00", revision_history: [ { date: "2023-09-24T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-11-08T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_name", name: "Red Hat OpenStack", product: { name: "Red Hat OpenStack", product_id: "T030057", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:-", }, }, }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1636", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Dieser Fehler besteht in den Barbican-Containern und wird durch eine unvollständige Container-Isolierung verursacht, da die Container denselben CGROUP-, USER- und NET-Namensraum mit dem Host-System und anderen Diensten teilen. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T030057", "67646", ], }, release_date: "2023-09-24T22:00:00.000+00:00", title: "CVE-2023-1636", }, { cve: "CVE-2023-1633", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Dieser Fehler besteht in der Barbican-Komponente, da die Konfigurationsdatei auf \"world-readable\" gesetzt ist. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T030057", "67646", ], }, release_date: "2023-09-24T22:00:00.000+00:00", title: "CVE-2023-1633", }, { cve: "CVE-2023-1625", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Dieser Fehler besteht in der Heat-Komponente, die es ermöglicht, mit dem Befehl \"stack show\" Parameter offenzulegen, die eigentlich verborgen bleiben sollten. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T030057", "67646", ], }, release_date: "2023-09-24T22:00:00.000+00:00", title: "CVE-2023-1625", }, ], }
WID-SEC-W-2024-1767
Vulnerability from csaf_certbund
Published
2024-08-05 22:00
Modified
2024-08-05 22:00
Summary
Red Hat OpenStack: Schwachstelle ermöglicht Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.
Angriff
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat OpenStack ausnutzen, um Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1767 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1767.json", }, { category: "self", summary: "WID-SEC-2024-1767 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1767", }, { category: "external", summary: "GitHub Advisory Database vom 2024-08-05", url: "https://github.com/advisories/GHSA-2fqr-cx7q-3ph8", }, { category: "external", summary: "RedHat Customer Portal vom 2024-08-05", url: "https://access.redhat.com/security/cve/CVE-2024-7319", }, ], source_lang: "en-US", title: "Red Hat OpenStack: Schwachstelle ermöglicht Offenlegung von Informationen", tracking: { current_release_date: "2024-08-05T22:00:00.000+00:00", generator: { date: "2024-08-15T18:11:58.603+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2024-1767", initial_release_date: "2024-08-05T22:00:00.000+00:00", revision_history: [ { date: "2024-08-05T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "heat <=22.0.1", product: { name: "Red Hat OpenStack heat <=22.0.1", product_id: "T036616", }, }, ], category: "product_name", name: "OpenStack", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1625", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenStack. Diese besteht aufgrund einer unvollständigen Korrektur für CVE-2023-1625, die es ermöglicht, vertrauliche Informationen über den Befehl stack abandon offenzulegen, wenn die versteckte Funktion auf True gesetzt ist. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { last_affected: [ "T036616", ], }, release_date: "2024-08-05T22:00:00.000+00:00", title: "CVE-2023-1625", }, ], }
fkie_cve-2023-1625
Vulnerability from fkie_nvd
Published
2023-09-24 01:15
Modified
2024-11-21 07:39
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Summary
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-1625 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2181621 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb | Patch | |
| secalert@redhat.com | https://launchpad.net/bugs/1999665 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-1625 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2181621 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1999665 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | heat | - | |
| redhat | openstack_platform | 13.0 | |
| redhat | openstack_platform | 16.1 | |
| redhat | openstack_platform | 16.2 | |
| redhat | openstack_platform | 17.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:heat:-:*:*:*:*:*:*:*", matchCriteriaId: "35EFBEEB-51E5-4202-A451-7C1B72E72497", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*", matchCriteriaId: "C52600BF-9E87-4CD2-91F3-685AFE478C1E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", matchCriteriaId: "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*", matchCriteriaId: "F7076B1E-0529-43CC-828B-45C2ED11F9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", }, { lang: "es", value: "Se descubrió una fuga de información en OpenStack Heat. Este problema podría permitir que un atacante remoto y autenticado utilice el comando 'stack show' para revelar parámetros que se supone deben permanecer ocultos. Esto tiene un impacto bajo en la confidencialidad, integridad y disponibilidad del sistema.", }, ], id: "CVE-2023-1625", lastModified: "2024-11-21T07:39:34.227", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 3.7, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-24T01:15:43.577", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1999665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1999665", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-202", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2023-1625
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-1625", id: "GSD-2023-1625", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-1625", ], details: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", id: "GSD-2023-1625", modified: "2023-12-13T01:20:41.597258Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2023-1625", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "openstack-heat", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", }, }, ], }, }, ], }, vendor_name: "n/a", }, { product: { product_data: [ { product_name: "Red Hat OpenStack Platform 13 (Queens)", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "unknown", }, }, ], }, }, { product_name: "Red Hat OpenStack Platform 16.1", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", }, }, ], }, }, { product_name: "Red Hat OpenStack Platform 16.2", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", }, }, ], }, }, { product_name: "Red Hat OpenStack Platform 17.0", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", }, }, ], }, }, ], }, vendor_name: "Red Hat", }, { product: { product_data: [ { product_name: "OpenStack RDO", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", }, }, ], }, }, ], }, vendor_name: "RDO", }, ], }, }, credits: [ { lang: "en", value: "Red Hat would like to thank Chengen Du (Canonical) for reporting this issue.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-202", lang: "eng", value: "Exposure of Sensitive Information Through Data Queries", }, ], }, ], }, references: { reference_data: [ { name: "https://access.redhat.com/security/cve/CVE-2023-1625", refsource: "MISC", url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { name: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", refsource: "MISC", url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { name: "https://launchpad.net/bugs/1999665", refsource: "MISC", url: "https://launchpad.net/bugs/1999665", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:openstack:heat:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2023-1625", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", refsource: "MISC", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { name: "https://access.redhat.com/security/cve/CVE-2023-1625", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { name: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", refsource: "MISC", tags: [ "Patch", ], url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { name: "https://launchpad.net/bugs/1999665", refsource: "MISC", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1999665", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 1.4, }, }, lastModifiedDate: "2023-09-26T14:57Z", publishedDate: "2023-09-24T01:15Z", }, }, }
ghsa-5836-grcc-8j89
Vulnerability from github
Published
2023-09-24 03:30
Modified
2023-09-25 18:32
Severity ?
Summary
OpenStack Heat information leak vulnerability
Details
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
{ affected: [ { package: { ecosystem: "PyPI", name: "openstack-heat", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "20.0.0", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2023-1625", ], database_specific: { cwe_ids: [ "CWE-200", ], github_reviewed: true, github_reviewed_at: "2023-09-25T18:32:42Z", nvd_published_at: "2023-09-24T01:15:43Z", severity: "HIGH", }, details: "An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.", id: "GHSA-5836-grcc-8j89", modified: "2023-09-25T18:32:42Z", published: "2023-09-24T03:30:20Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-1625", }, { type: "WEB", url: "https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb", }, { type: "WEB", url: "https://access.redhat.com/security/cve/CVE-2023-1625", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2181621", }, { type: "PACKAGE", url: "https://github.com/openstack/heat", }, { type: "WEB", url: "https://launchpad.net/bugs/1999665", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", type: "CVSS_V3", }, ], summary: "OpenStack Heat information leak vulnerability", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.