Mirantis Container Cloud (MCC) becomes part of Mirantis OpenStack for Kubernetes (MOSK)!
Starting with MOSK 25.2, the MOSK documentation set will cover all product layers, including MOSK management (formerly MCC). This means everything you need will be in one place. The separate MCC documentation site will be retired, so please update your bookmarks for continued easy access to the latest content.
Security notes¶
In total, in the MOSK 23.2.2 release, 72 Common Vulnerabilities and Exposures (CVE) have been fixed: 8 of critical and 64 of high severity.
The full list of the CVEs present in the current MOSK release is available at the Mirantis Security Portal.
Severity |
Critical |
High |
Total |
|---|---|---|---|
Unique CVEs |
2 |
19 |
21 |
Total issues across images |
8 |
64 |
72 |
Image |
Component name |
CVE |
|---|---|---|
general/openvswitch |
linux-libc-dev |
CVE-2023-20593 (High) |
CVE-2023-3609 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-3776 (High) |
||
general/openvswitch-dpdk |
linux-libc-dev |
CVE-2023-20593 (High) |
CVE-2023-3609 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-3776 (High) |
||
iam/keycloak-gatekeeper |
golang.org/x/crypto |
CVE-2021-43565 (High) |
CVE-2020-29652 (High) |
||
CVE-2022-27191 (High) |
||
golang.org/x/net |
CVE-2021-33194 (High) |
|
CVE-2022-27664 (High) |
||
golang.org/x/text |
CVE-2021-38561 (High) |
|
CVE-2022-32149 (High) |
||
github.com/prometheus/client_golang |
CVE-2022-21698 (High) |
|
openstack/aodh |
grpcio |
CVE-2023-33953 (High) |
CVE-2023-33953 (High) |
||
openstack/barbican |
linux-libc-dev |
CVE-2023-20593 (High) |
CVE-2023-3609 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2023-20593 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-3776 (High) |
||
openstack/ceilometer |
grpcio |
CVE-2023-33953 (High) |
CVE-2023-33953 (High) |
||
openstack/designate |
Werkzeug |
CVE-2022-29361 (Critical) |
CVE-2023-25577 (High) |
||
Flask |
CVE-2023-30861 (High) |
|
openstack/gnocchi |
Werkzeug |
CVE-2022-29361 (Critical) |
CVE-2023-25577 (High) |
||
grpcio |
CVE-2023-33953 (High) |
|
CVE-2023-33953 (High) |
||
openstack/ironic-inspector |
Werkzeug |
CVE-2022-29361 (Critical) |
CVE-2023-25577 (High) |
||
Flask |
CVE-2023-30861 (High) |
|
openstack/keystone |
Werkzeug |
CVE-2022-29361 (Critical) |
CVE-2023-25577 (High) |
||
Flask |
CVE-2023-30861 (High) |
|
openstack/octavia |
Werkzeug |
CVE-2022-29361 (Critical) |
CVE-2023-25577 (High) |
||
Flask |
CVE-2023-30861 (High) |
|
openstack/panko |
grpcio |
CVE-2023-33953 (High) |
openstack/stepler |
linux-libc-dev |
CVE-2023-20593 (High) |
CVE-2023-3609 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2023-20593 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-3776 (High) |
||
cryptography |
CVE-2023-38325 (High) |
|
CVE-2023-38325 (High) |
||
scale/psql-client |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
libpq |
CVE-2023-39417 (High) |
|
postgresql13-client |
CVE-2023-39417 (High) |
|
stacklight/alerta-web |
grpcio |
CVE-2023-33953 (High) |
libpq |
CVE-2023-39417 (High) |
|
postgresql15-client |
CVE-2023-39417 (High) |
|
stacklight/pgbouncer |
libpq |
CVE-2023-39417 (High) |
postgresql-client |
CVE-2023-39417 (High) |
|
tungsten/cass-config-builder |
cups-libs |
CVE-2023-32360 (High) |
tungsten/tf-cli |
dnf-plugin-subscription-manager |
CVE-2023-3899 (High) |
python3-cloud-what |
CVE-2023-3899 (High) |
|
python3-subscription-manager-rhsm |
CVE-2023-3899 (High) |
|
python3-syspurpose |
CVE-2023-3899 (High) |
|
subscription-manager |
CVE-2023-3899 (High) |
|
subscription-manager-rhsm-certificates |
CVE-2023-3899 (High) |