Security notes¶
In total, since MOSK 23.1 major release, in 23.2, 1611 Common Vulnerabilities and Exposures (CVE) have been fixed: 65 of critical and 1546 of high severity.
Among them, 689 CVEs that are listed in Addressed CVEs - detailed have been fixed since 23.1.4 patch release: 29 of critical and 660 of high severity. The fixes for the rest of CVEs were released with the patch releases of the MOSK 23.1 series.
The full list of the CVEs present in the current Mirantis OpenStack for Kubernetes (MOSK) release is available at the Mirantis Security Portal.
The Addressed CVEs - summary table includes the total number of unique CVEs along with the total number of issues fixed across images.
Severity |
Critical |
High |
Total |
|---|---|---|---|
Unique CVEs |
5 |
64 |
69 |
Total issues across images |
29 |
660 |
689 |
Note
Duplicate CVEs for packages in
the Addressed CVEs - detailed table can mean that they were
discovered in container images with the same names but different tags,
for example, openstack/barbican for Openstack Victoria and Yoga
versions.
Image |
Component name |
CVE |
|---|---|---|
ceph/mcp/ceph-controller |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
ceph/rook |
openssl |
CVE-2022-3786 (High) |
CVE-2022-3602 (High) |
||
CVE-2023-0286 (High) |
||
openssl-libs |
CVE-2022-3602 (High) |
|
CVE-2022-3786 (High) |
||
CVE-2023-0286 (High) |
||
cryptography |
CVE-2023-2650 (High) |
|
general/amqproxy |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
general/external/docker.io/frrouting/frr |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
libcap2 |
CVE-2023-2603 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
general/memcached |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
general/openvswitch |
linux-libc-dev |
CVE-2023-3090 (High) |
CVE-2023-32629 (High) |
||
CVE-2023-3390 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-1380 (High) |
||
CVE-2023-30456 (High) |
||
CVE-2023-31436 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2023-35788 (High) |
||
general/openvswitch-dpdk |
linux-libc-dev |
CVE-2023-35788 (High) |
CVE-2023-1380 (High) |
||
CVE-2023-30456 (High) |
||
CVE-2023-31436 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2023-3090 (High) |
||
CVE-2023-32629 (High) |
||
CVE-2023-3390 (High) |
||
CVE-2023-35001 (High) |
||
mirantis/ceph |
openssl |
CVE-2022-3786 (High) |
CVE-2022-3602 (High) |
||
CVE-2023-0286 (High) |
||
openssl-libs |
CVE-2022-3602 (High) |
|
CVE-2022-3786 (High) |
||
CVE-2023-0286 (High) |
||
python3 |
CVE-2023-24329 (High) |
|
python3-devel |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
mirantis/cephcsi |
openssl |
CVE-2022-3786 (High) |
CVE-2022-3602 (High) |
||
CVE-2023-0286 (High) |
||
openssl-libs |
CVE-2022-3602 (High) |
|
CVE-2022-3786 (High) |
||
CVE-2023-0286 (High) |
||
cryptography |
CVE-2023-2650 (High) |
|
mirantis/fio |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
openstack/aodh |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/barbican |
linux-libc-dev |
CVE-2023-1380 (High) |
CVE-2023-30456 (High) |
||
CVE-2023-31436 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2023-35788 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3567 (High) |
||
CVE-2023-3090 (High) |
||
CVE-2023-32629 (High) |
||
CVE-2023-3390 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-1380 (High) |
||
CVE-2023-30456 (High) |
||
CVE-2023-31436 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2023-3090 (High) |
||
CVE-2023-32629 (High) |
||
CVE-2023-3390 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-35788 (High) |
||
cryptography |
CVE-2023-2650 (High) |
|
sqlparse |
CVE-2023-30608 (High) |
|
openstack/ceilometer |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/cinder |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/designate |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/extra/etcd |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
openstack/extra/kubernetes-entrypoint |
github.com/emicklei/go-restful |
CVE-2022-1996 (Critical) |
golang.org/x/net |
CVE-2022-27664 (High) |
|
CVE-2022-41721 (High) |
||
golang.org/x/text |
CVE-2022-32149 (High) |
|
openstack/extra/nginx |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
openstack/extra/nginx-ingress-controller |
golang.org/x/net |
CVE-2022-41721 (High) |
CVE-2022-27664 (High) |
||
curl |
CVE-2023-28319 (High) |
|
libcurl |
CVE-2023-28319 (High) |
|
libcrypto1.1 |
CVE-2023-2650 (High) |
|
libssl1.1 |
CVE-2023-2650 (High) |
|
openssl |
CVE-2023-2650 (High) |
|
github.com/opencontainers/runc |
CVE-2023-28642 (High) |
|
golang.org/x/text |
CVE-2022-32149 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
nghttp2-libs |
CVE-2023-35945 (High) |
|
openstack/extra/powerdns |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
openstack/extra/redis |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
openstack/extra/strongswan |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
openssl |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
nghttp2-libs |
CVE-2023-35945 (High) |
|
openstack/glance |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/gnocchi |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/heat |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/horizon |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
Django |
CVE-2023-36053 (High) |
|
openstack/ironic |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/ironic-inspector |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/keystone |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/manila |
cryptography |
CVE-2023-2650 (High) |
openstack/masakari |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/masakari-monitors |
cryptography |
CVE-2023-2650 (High) |
openstack/neutron |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/nova |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/octavia |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/openstack-controller |
cryptography |
CVE-2023-2650 (High) |
aiohttp |
CVE-2023-37276 (High) |
|
openstack/openstack-tools |
cryptography |
CVE-2023-2650 (High) |
openstack/panko |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/placement |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
openstack/stepler |
linux-libc-dev |
CVE-2023-1380 (High) |
CVE-2023-30456 (High) |
||
CVE-2023-31436 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3567 (High) |
||
CVE-2023-3090 (High) |
||
CVE-2023-32629 (High) |
||
CVE-2023-3390 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-35788 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-35788 (High) |
||
CVE-2023-3090 (High) |
||
CVE-2023-32629 (High) |
||
CVE-2023-3390 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-1380 (High) |
||
CVE-2023-30456 (High) |
||
CVE-2023-31436 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2023-3567 (High) |
||
cryptography |
CVE-2023-2650 (High) |
|
openstack/tempest |
cryptography |
CVE-2023-2650 (High) |
sqlparse |
CVE-2023-30608 (High) |
|
stacklight/alerta-web |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/alertmanager |
golang.org/x/net |
CVE-2022-41723 (High) |
stacklight/alertmanager-webhook-servicenow |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
openssl-dev |
CVE-2023-2650 (High) |
|
Flask |
CVE-2023-30861 (High) |
|
stacklight/alpine-utils |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/blackbox-exporter |
golang.org/x/net |
CVE-2022-41723 (High) |
stacklight/cadvisor |
libcrypto1.1 |
CVE-2023-2650 (High) |
libssl1.1 |
CVE-2023-2650 (High) |
|
stacklight/cerebro |
org.xerial:sqlite-jdbc |
CVE-2023-32697 (Critical) |
com.fasterxml.jackson.core:jackson-databind |
CVE-2021-46877 (High) |
|
CVE-2022-42003 (High) |
||
CVE-2022-42004 (High) |
||
CVE-2020-36518 (High) |
||
libssl1.1 |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
openssl |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
stacklight/fluentd |
libssl-dev |
CVE-2023-0464 (High) |
CVE-2023-2650 (High) |
||
libssl1.1 |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
openssl |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
stacklight/grafana |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/grafana-image-renderer |
tough-cookie |
CVE-2023-26136 (Critical) |
stacklight/jmx-exporter |
libssl1.1 |
CVE-2023-0464 (High) |
CVE-2023-2650 (High) |
||
libncurses6 |
CVE-2022-29458 (High) |
|
libncursesw6 |
CVE-2022-29458 (High) |
|
libtinfo6 |
CVE-2022-29458 (High) |
|
ncurses-base |
CVE-2022-29458 (High) |
|
stacklight/k8s-sidecar |
libcrypto1.1 |
CVE-2023-2650 (High) |
libssl1.1 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/kubectl |
libssl1.1 |
CVE-2023-0464 (High) |
CVE-2023-2650 (High) |
||
openssl |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
stacklight/metric-collector |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/metricbeat |
python |
CVE-2023-24329 (High) |
python-libs |
CVE-2023-24329 (High) |
|
stacklight/node-exporter |
golang.org/x/net |
CVE-2022-41723 (High) |
stacklight/opensearch |
org.codelibs.elasticsearch.module:ingest-common |
CVE-2015-5377 (Critical) |
CVE-2019-7611 (High) |
||
org.xerial:sqlite-jdbc |
CVE-2023-32697 (Critical) |
|
org.springframework:spring-core |
CVE-2023-20860 (High) |
|
ncurses |
CVE-2023-29491 (High) |
|
ncurses-base |
CVE-2023-29491 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
stacklight/opensearch-dashboards |
tough-cookie |
CVE-2023-26136 (Critical) |
debug |
CVE-2015-8315 (High) |
|
decode-uri-component |
CVE-2022-38900 (High) |
|
glob-parent |
CVE-2021-35065 (High) |
|
ncurses |
CVE-2023-29491 (High) |
|
ncurses-base |
CVE-2023-29491 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
stacklight/prometheus |
github.com/docker/docker |
CVE-2023-28840 (High) |
golang.org/x/net |
CVE-2022-41723 (High) |
|
stacklight/prometheus-es-exporter |
libcrypto1.1 |
CVE-2023-2650 (High) |
libssl1.1 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/prometheus-libvirt-exporter |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/prometheus-patroni-exporter |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/prometheus-relay |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/sf-notifier |
libcrypto1.1 |
CVE-2023-2650 (High) |
libssl1.1 |
CVE-2023-2650 (High) |
|
openssl-dev |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/sf-reporter |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/spilo |
PyJWT |
CVE-2022-29217 (High) |
golang.org/x/net |
CVE-2022-27664 (High) |
|
golang.org/x/text |
CVE-2022-32149 (High) |
|
gopkg.in/yaml.v3 |
CVE-2022-28948 (High) |
|
stacklight/stacklight-toolkit |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
ncurses-libs |
CVE-2023-29491 (High) |
|
ncurses-terminfo-base |
CVE-2023-29491 (High) |
|
stacklight/telegraf |
libssl1.1 |
CVE-2023-0464 (High) |
CVE-2023-2650 (High) |
||
openssl |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
stacklight/telemeter |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/tungstenfabric-prometheus-exporter |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
stacklight/yq |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
tungsten-operator/casskop |
libssl1.1 |
CVE-2023-0464 (High) |
CVE-2023-2650 (High) |
||
openssl |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
tungsten/cass-config-builder |
python-unversioned-command |
CVE-2023-24329 (High) |
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
java-1.8.0-openjdk-headless |
CVE-2023-21930 (High) |
|
tungsten/cassandra |
libssl1.1 |
CVE-2023-0286 (High) |
openssl |
CVE-2023-0286 (High) |
|
tungsten/cassandra-bootstrap |
libssl1.1 |
CVE-2023-0464 (High) |
CVE-2023-2650 (High) |
||
openssl |
CVE-2023-0464 (High) |
|
CVE-2023-2650 (High) |
||
libtinfo6 |
CVE-2022-29458 (High) |
|
ncurses-base |
CVE-2022-29458 (High) |
|
tungsten/contrail-analytics-alarm-gen |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-analytics-api |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-analytics-collector |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-analytics-query-engine |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-analytics-snmp-collector |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-analytics-snmp-topology |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-config-api |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
openssh |
CVE-2023-38408 (High) |
|
openssh-clients |
CVE-2023-38408 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-config-devicemgr |
bottle |
CVE-2022-31799 (Critical) |
git |
CVE-2023-25652 (High) |
|
CVE-2023-29007 (High) |
||
CVE-2022-41903 (High) |
||
CVE-2022-23521 (High) |
||
perl-Git |
CVE-2022-23521 (High) |
|
CVE-2022-41903 (High) |
||
CVE-2023-29007 (High) |
||
CVE-2023-25652 (High) |
||
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
openssh |
CVE-2023-38408 (High) |
|
openssh-clients |
CVE-2023-38408 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-config-dnsmasq |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-config-schema |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
openssh |
CVE-2023-38408 (High) |
|
openssh-clients |
CVE-2023-38408 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-config-svcmonitor |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
openssh |
CVE-2023-38408 (High) |
|
openssh-clients |
CVE-2023-38408 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-control-control |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-control-dns |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-control-named |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-webui-job |
tough-cookie |
CVE-2023-26136 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
ansi-regex |
CVE-2021-3807 (High) |
|
decode-uri-component |
CVE-2022-38900 (High) |
|
minimatch |
CVE-2022-3517 (High) |
|
qs |
CVE-2022-24999 (High) |
|
CVE-2017-1000048 (High) |
||
redis |
CVE-2021-29469 (High) |
|
trim-newlines |
CVE-2021-33623 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-controller-webui-web |
tough-cookie |
CVE-2023-26136 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
ansi-regex |
CVE-2021-3807 (High) |
|
decode-uri-component |
CVE-2022-38900 (High) |
|
minimatch |
CVE-2022-3517 (High) |
|
qs |
CVE-2022-24999 (High) |
|
CVE-2017-1000048 (High) |
||
redis |
CVE-2021-29469 (High) |
|
trim-newlines |
CVE-2021-33623 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-node-init |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-nodemgr |
bottle |
CVE-2022-31799 (Critical) |
github.com/emicklei/go-restful |
CVE-2022-1996 (Critical) |
|
golang.org/x/net |
CVE-2022-27664 (High) |
|
CVE-2021-33194 (High) |
||
CVE-2022-27664 (High) |
||
CVE-2022-41721 (High) |
||
CVE-2022-27664 (High) |
||
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
github.com/opencontainers/runc |
CVE-2023-28642 (High) |
|
pip |
CVE-2018-20225 (High) |
|
golang.org/x/text |
CVE-2022-32149 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-provisioner |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-tools |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
sudo |
CVE-2023-22809 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
openssh |
CVE-2023-38408 (High) |
|
openssh-clients |
CVE-2023-38408 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-vrouter-agent |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
sudo |
CVE-2023-22809 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-export-libs |
CVE-2023-2828 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-vrouter-agent-dpdk |
bottle |
CVE-2022-31799 (Critical) |
python |
CVE-2023-24329 (High) |
|
python-devel |
CVE-2023-24329 (High) |
|
python-libs |
CVE-2023-24329 (High) |
|
python3 |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
openssl |
CVE-2023-0286 (High) |
|
openssl-libs |
CVE-2023-0286 (High) |
|
sudo |
CVE-2023-22809 (High) |
|
c-ares |
CVE-2023-32067 (High) |
|
nss |
CVE-2023-0767 (High) |
|
nss-sysinit |
CVE-2023-0767 (High) |
|
nss-tools |
CVE-2023-0767 (High) |
|
bind-export-libs |
CVE-2023-2828 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
pip |
CVE-2018-20225 (High) |
|
wheel |
CVE-2022-40898 (High) |
|
tungsten/contrail-vrouter-kernel-build-init |
kernel-headers |
CVE-2023-0461 (High) |
CVE-2022-3564 (High) |
||
tungsten/cp-kafka |
python39 |
CVE-2023-24329 (High) |
python39-libs |
CVE-2023-24329 (High) |
|
platform-python |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
tungsten/redis |
libcrypto3 |
CVE-2023-2650 (High) |
libssl3 |
CVE-2023-2650 (High) |
|
tungsten/tf-cli |
kernel-headers |
CVE-2023-0461 (High) |
CVE-2022-3564 (High) |
||
python39 |
CVE-2023-24329 (High) |
|
python39-devel |
CVE-2023-24329 (High) |
|
python39-libs |
CVE-2023-24329 (High) |
|
platform-python |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
bind-libs |
CVE-2023-2828 (High) |
|
bind-libs-lite |
CVE-2023-2828 (High) |
|
bind-license |
CVE-2023-2828 (High) |
|
bind-utils |
CVE-2023-2828 (High) |
|
python3-bind |
CVE-2023-2828 (High) |
|
tungsten/tungsten-pytest |
python39 |
CVE-2023-24329 (High) |
python39-libs |
CVE-2023-24329 (High) |
|
platform-python |
CVE-2023-24329 (High) |
|
python3-libs |
CVE-2023-24329 (High) |
|
cryptography |
CVE-2023-2650 (High) |