Newer documentation is now live. You are currently reading an older version.

Security notes

In total, in the MOSK 23.2.2 release, 72 Common Vulnerabilities and Exposures (CVE) have been fixed: 8 of critical and 64 of high severity.

The full list of the CVEs present in the current MOSK release is available at the Mirantis Security Portal.

Addressed CVEs - summary

| Severity | Critical | High | Total |
|---|---|---|---|
| Unique CVEs | 2 | 19 | 21 |
| Total issues across images | 8 | 64 | 72 |

Addressed CVEs - detailed

| Image | Component name | CVE |
|---|---|---|
| general/openvswitch | linux-libc-dev | CVE-2023-20593 (High), CVE-2023-3609 (High), CVE-2023-3611 (High), CVE-2023-3776 (High) |
| general/openvswitch-dpdk | linux-libc-dev | CVE-2023-20593 (High), CVE-2023-3609 (High), CVE-2023-3611 (High), CVE-2023-3776 (High) |
| iam/keycloak-gatekeeper | golang.org/x/crypto | CVE-2021-43565 (High), CVE-2020-29652 (High), CVE-2022-27191 (High) |
| iam/keycloak-gatekeeper | golang.org/x/net | CVE-2021-33194 (High), CVE-2022-27664 (High) |
| iam/keycloak-gatekeeper | golang.org/x/text | CVE-2021-38561 (High), CVE-2022-32149 (High) |
| iam/keycloak-gatekeeper | github.com/prometheus/client_golang | CVE-2022-21698 (High) |
| openstack/aodh | grpcio | CVE-2023-33953 (High), CVE-2023-33953 (High) |
| openstack/barbican | linux-libc-dev | CVE-2023-20593 (High), CVE-2023-3609 (High), CVE-2023-3611 (High), CVE-2023-3776 (High), CVE-2023-20593 (High), CVE-2023-3609 (High), CVE-2023-3611 (High), CVE-2023-3776 (High) |
| openstack/ceilometer | grpcio | CVE-2023-33953 (High), CVE-2023-33953 (High) |
| openstack/designate | Werkzeug | CVE-2022-29361 (Critical), CVE-2023-25577 (High) |
| openstack/designate | Flask | CVE-2023-30861 (High) |
| openstack/gnocchi | Werkzeug | CVE-2022-29361 (Critical), CVE-2023-25577 (High) |
| openstack/gnocchi | grpcio | CVE-2023-33953 (High), CVE-2023-33953 (High) |
| openstack/ironic-inspector | Werkzeug | CVE-2022-29361 (Critical), CVE-2023-25577 (High) |
| openstack/ironic-inspector | Flask | CVE-2023-30861 (High) |
| openstack/keystone | Werkzeug | CVE-2022-29361 (Critical), CVE-2023-25577 (High) |
| openstack/keystone | Flask | CVE-2023-30861 (High) |
| openstack/octavia | Werkzeug | CVE-2022-29361 (Critical), CVE-2023-25577 (High) |
| openstack/octavia | Flask | CVE-2023-30861 (High) |
| openstack/panko | grpcio | CVE-2023-33953 (High) |
| openstack/stepler | linux-libc-dev | CVE-2023-20593 (High), CVE-2023-3609 (High), CVE-2023-3611 (High), CVE-2023-3776 (High), CVE-2023-20593 (High), CVE-2023-3609 (High), CVE-2023-3611 (High), CVE-2023-3776 (High) |
| openstack/stepler | cryptography | CVE-2023-38325 (High), CVE-2023-38325 (High) |
| scale/psql-client | busybox | CVE-2022-48174 (Critical) |
| scale/psql-client | busybox-binsh | CVE-2022-48174 (Critical) |
| scale/psql-client | ssl_client | CVE-2022-48174 (Critical) |
| scale/psql-client | libpq | CVE-2023-39417 (High) |
| scale/psql-client | postgresql13-client | CVE-2023-39417 (High) |
| stacklight/alerta-web | grpcio | CVE-2023-33953 (High) |
| stacklight/alerta-web | libpq | CVE-2023-39417 (High) |
| stacklight/alerta-web | postgresql15-client | CVE-2023-39417 (High) |
| stacklight/pgbouncer | libpq | CVE-2023-39417 (High) |
| stacklight/pgbouncer | postgresql-client | CVE-2023-39417 (High) |
| tungsten/cass-config-builder | cups-libs | CVE-2023-32360 (High) |
| tungsten/tf-cli | dnf-plugin-subscription-manager | CVE-2023-3899 (High) |
| tungsten/tf-cli | python3-cloud-what | CVE-2023-3899 (High) |
| tungsten/tf-cli | python3-subscription-manager-rhsm | CVE-2023-3899 (High) |
| tungsten/tf-cli | python3-syspurpose | CVE-2023-3899 (High) |
| tungsten/tf-cli | subscription-manager | CVE-2023-3899 (High) |
| tungsten/tf-cli | subscription-manager-rhsm-certificates | CVE-2023-3899 (High) |