Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • DevOps
  • Cloud Computing

Cloud Computing

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    23 Oct 2024 DevOps
    VMware: SQL Injection Vulnerability

    In VMware HCX (Hybrid Cloud Extension) versions 4.8.0 – 4.8.2 and 4.9.0 – 4.9.1 a high severity vulnerability CVE-2024-38814 was detected. This vulnerability allows authenticated attackers with non-administrator privileges to execute specially crafted SQL queries, potentially leading to unauthorized remote code execution on the HCX Manager. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-38814.

    Read more
    Cloud Computing
    16 Sep 2024 DevOps
    OpenStack: Update Ironic service to Prevent Data Access Vulnerability

    In OpenStack Ironic versions before 21.4.3, from 22.0.0 to 23.0.2, from 23.1.0 to 24.1.2, and from 25.0.0 to 26.0.1 a medium severity vulnerability CVE-2024-44082 was detected. This vulnerability allows attackers to exploit crafted images in OpenStack Ironic, leading to unauthorized access to potentially sensitive data by triggering undesired behaviors in qemu-img. To fix this problem users should upgrade OpenStack Ironic to versions 21.4.3, 23.0.2, 24.1.2, and 26.0.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-44082.

    Read more
    Cloud Computing
    16 Sep 2024 DevOps
    OpenStack: Unauthorized File Access via Crafted Images in Nova service

    In OpenStack Nova versions before 27.4.1, 28.0 before 28.2.1, and 29.0 before 29.1.1 a medium severity vulnerability CVE-2024-40767 was detected. This vulnerability allows attackers to gain unauthorized access to potentially sensitive data by supplying a crafted image with a file path reference in OpenStack Nova, which can result in the server returning the contents of the referenced file. To fix this problem, users should upgrade OpenStack Nova to versions 27.4.1 and later, 28.2.1 and later, and 29.1.1 and later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-40767.

    Read more
    Cloud Computing
    28 Aug 2024 DevOps
    OpenStack: Potential MITM Attack via Compromised Container Images

    In OpenStack versions 16.1, 16.2, 17.1 a high severity vulnerability CVE-2024-8007 was detected. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack. To fix this issue, users must upgrade OpenStack to the latest version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-8007/.

    Read more
    Cloud Computing
    7 Aug 2024 DevOps
    OpenStack: Incomplete Fix in OpenStack-Heat May Expose Sensitive Information

    In OpenStack versions 16.1/16.2/17.0 a high severity vulnerability CVE-2024-7319 was detected. This vulnerability allows the disclosure of sensitive information through the OpenStack stack abandon command. To fix this issue, users should upgrade to version 22.0.2. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-7319.

    Read more
    Cloud Computing
    24 Jul 2024 DevOps
    OpenStack: Upgrade to Prevent File Access Exploit in Cinder, Glance, and Nova

    In OpenStack components Cinder through version 24.0.0, Glance before version 28.0.2, and Nova before version 29.0.3 a medium severity vulnerability CVE-2024-32498 was detected. This vulnerability allows attackers to read important files on your system using a specially made file. To fix this problem, users should upgrade the OpenStack Cinder component to version 24.0.1 or later, the OpenStack Glance component to version 28.0.2 or later and the OpenStack Nova component to version 29.0.3 or later. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-32498.

    Read more
    Cloud Computing
    15 Jun 2024 DevOps
    OpenStack: Platform Director Vulnerability Exposes Passwords in Log Files

    In OpenStack Platform a medium severity vulnerability CVE-2024-4840 was detected. This flaw could expose sensitive information by storing plaintext passwords in log files. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-4840/.

    Read more
    Cloud Computing
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy