GHSA-2ppf-2m6f-6v6f

Source

https://github.com/advisories/GHSA-2ppf-2m6f-6v6f

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-2ppf-2m6f-6v6f/GHSA-2ppf-2m6f-6v6f.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-2ppf-2m6f-6v6f

Aliases

CVE-2023-6110

Published

2024-11-17T12:30:29Z

Modified

2024-12-05T22:25:31.369568Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L CVSS Calculator

Summary

OpenStack improperly deletes access rules

Details

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

Database specific

{
    "github_reviewed": true,
    "severity": "MODERATE",
    "cwe_ids": [
        "CWE-237"
    ],
    "nvd_published_at": "2024-11-17T11:15:06Z",
    "github_reviewed_at": "2024-11-18T20:08:25Z"
}

References

Affected packages

PyPI / python-openstackclient

Package

Name: python-openstackclient; View open source insights on deps.dev
Purl: pkg:pypi/python-openstackclient

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.3.0

Affected versions

0.*

0.1.51

0.2.0

0.2.1

0.2.2

0.3.0

0.3.1

0.4.0

0.4.1

1.*

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.1.0

1.2.0

1.3.0

1.4.0

1.5.0

1.6.0

1.7.0

1.7.1

1.7.2

1.8.0

1.9.0

2.*

2.0.0

2.1.0

2.2.0

2.3.0

2.3.1

2.4.0

2.5.0

2.6.0

3.*

3.0.0

3.0.1

3.1.0

3.2.0

3.2.1

3.3.0

3.4.0

3.4.1

3.5.0

3.6.0

3.7.0

3.8.0

3.8.1

3.8.2

3.9.0

3.10.0

3.11.0

3.12.0

3.12.1

3.12.2

3.13.0

3.14.0

3.14.1

3.14.2

3.14.3

3.15.0

3.16.0

3.16.1

3.16.2

3.16.3

3.17.0

3.18.0

3.18.1

3.19.0

4.*

4.0.0

4.0.1

4.0.2

5.*

5.0.0

5.1.0

5.2.0

5.2.1

5.2.2

5.3.0

5.3.1

5.4.0

5.5.0

5.5.1

5.6.0

5.6.1

5.6.2

5.7.0

5.8.0

5.8.1

6.*

6.0.0

6.0.1

6.1.0

6.2.0

6.2.1