GHSA-6rx9-c2rh-3qv4
Suggest an improvement- Source
- https://github.com/advisories/GHSA-6rx9-c2rh-3qv4
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-6rx9-c2rh-3qv4/GHSA-6rx9-c2rh-3qv4.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-6rx9-c2rh-3qv4
- Aliases
- Published
- 2023-09-24T03:30:20Z
- Modified
- 2024-11-28T05:41:02.626024Z
- Severity
-
- 6.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
- Summary
- OpenStack Barbican information disclosure vulnerability
- Details
-
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.
- Database specific
{ "nvd_published_at": "2023-09-24T01:15:43Z", "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-09-25T18:34:33Z" }- References
Affected packages
PyPI / barbican
Package
- Name
- barbican
- View open source insights on deps.dev
- Purl
- pkg:pypi/barbican
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected16.0.0
Affected versions
Other
0
6.*
6.0.0.0b1
8.*
8.0.0.0rc1
8.0.0
8.0.1
9.*
9.0.0.0rc1
9.0.0
9.0.1
10.*
10.0.0.0rc1
10.0.0
10.1.0
11.*
11.0.0.0rc1
11.0.0
12.*
12.0.0.0rc1
12.0.0.0rc2
12.0.0
12.0.1
12.0.2
13.*
13.0.0.0rc1
13.0.0
13.0.1
13.0.2
14.*
14.0.0.0rc1
14.0.0
14.0.1
14.0.2
15.*
15.0.0.0rc1
15.0.0.0rc2
15.0.0.0rc3
15.0.0
15.0.1
16.*
16.0.0.0rc1
16.0.0