Openstack Mistral
Approved changes feed: RSS · Atom
cpe:2.3:a:[unknown]:openstack-mistral:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | [Unknown] (5b07108a-8f0c-5d28-ab99-c4ff62adb460) |
|---|---|
| Product | Openstack Mistral (f502a61b-0dda-585f-9525-845408e9338d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-3866 |
vulnerable | 2026-06-03 14:40:27.709962 |
Details available
MEDIUM (5.9)
An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information.
Published: 2019-11-08T14:45:58.000Z
Updated: 2024-08-04T19:19:18.586Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-16849 |
vulnerable | 2026-06-03 14:38:21.090768 |
Details available
LOW (3.1)
A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem.
Published: 2018-11-02T21:00:00.000Z
Updated: 2024-08-05T10:32:54.175Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2622 |
vulnerable | 2026-06-03 14:37:07.826588 |
Details available
MEDIUM (5.9)
An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
Published: 2018-07-27T13:00:00.000Z
Updated: 2024-08-05T14:02:06.918Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.