Lucene search
HistoryMar 18, 2024 - 7:15 a.m.
CVE-2024-29156
openstack
murano
sensitive information leakage
yaql
environment
In OpenStack Murano through 16.0.0, when YAQL before 3.0.0 is used, the Murano service’s MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information.
Related
redhat
redhat
(RHSA-2024:1930) Important: Red Hat OpenStack Platform 17.1 (openstack-tripleo-heat-templates and python-yaql) security update
2024-04-22 00:56:10
(RHSA-2024:1931) Important: Red Hat OpenStack Platform 17.1 (python-yaql and openstack-tripleo-heat-templates) security update
2024-04-22 00:56:12
(RHSA-2024:4053) Important: Red Hat OpenStack Platform 16.2 security update
2024-06-24 00:58:56
nessus
nessus
debiancve
debiancve
CVE-2024-29156
2024-03-18 07:15:05
cvelist
cvelist
CVE-2024-29156
2024-03-18 00:00:00
github
github
Information leakage in YAQL
2024-03-18 09:30:30
redhatcve
redhatcve
CVE-2024-29156
2024-03-19 06:20:33
ubuntucve
ubuntucve
CVE-2024-29156
2024-03-18 00:00:00
osv
osv
Information leakage in YAQL
2024-03-18 09:30:30
veracode
veracode
Information Disclosure
2024-04-04 06:31:48
vulnrichment
vulnrichment
CVE-2024-29156
2024-03-18 00:00:00
cve
cve
CVE-2024-29156
2024-03-18 07:15:05