OpenStack Security Advisory in Launchpad

OpenStack Security Advisory

Registered 2013-05-24 by Thierry Carrez

OpenStack Security Advisories are published to communicate about security issues reported and fixed in OpenStack supported software

The OpenStack Vulnerability Management Team is responsible for this process, which is documented at https://wiki.openstack.org/wiki/Vulnerability_Management

This is different from OpenStack Security Notes (OSSN), which are snippets of security and hardening advice published by the OpenStack Security Group (OSSG) and which are explicitely not about exploitable vulnerabilities discovered and fixed in OpenStack supported software.

Home page

Project information

Part of:: OpenStack

Maintainer:: OpenStack Vulnerability Management team

Driver:: OpenStack Vulnerability Management team

Licence:: Creative Commons - No Rights Reserved

View full history Series and milestones

trunk series is the current focus of development.

All bugs Latest bugs reported

Bug #2091410: Denial of service by adding an unbounded number of tags to a network
Reported on 2024-12-10
Bug #2091124: Use of eval() on untrusted data
Reported on 2024-12-05
Bug #2088986: [OSSA-2024-005] Authorization bypassed when setting tags on networks (CVE-2024-53916)
Reported on 2024-11-19
Bug #2084081: Payload of "rebuild_instance" notification contains an auth_token
Reported on 2024-10-11
Bug #2084122: CVE-2024-3651 the 'kjd/idna' library
Reported on 2024-10-10

More contributors Top contributors

Jeremy Stanley 147 points
Jay Faulkner 108 points
Brian Rosmaita 35 points
OpenStack Infra 24 points
James Page 16 points

Get Involved

Report a bug
warning

Ask a question
warning

Help translate

Downloads

OpenStack Security Advisory does not have any download files registered with Launchpad.