Описание
The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mistral-dashboard | fixed | 15.0.0~rc1-1 | package | |
| python-mistralclient | fixed | 1:4.3.0-2 | package |
Примечания
https://review.opendev.org/c/openstack/mistral-dashboard/+/800952
Fixed by: https://opendev.org/openstack/mistral-dashboard/commit/8b876b0b22b365f24af1eb9eae01ad3d22cc1533 (15.0.0.0rc1)
Fixed by: https://opendev.org/openstack/mistral-dashboard/commit/c077728bfa6001f0cb1ac22b0bacd74eb1967b04 (14.0.1)
https://review.opendev.org/c/openstack/python-mistralclient/+/800950
Fixed by: https://opendev.org/openstack/python-mistralclient/commit/ab54cb9ae576c2b29c7cd9a9628f3908aaa3e0ee (4.3.0)
Связанные уязвимости
The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content.
The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content.
OpenStack's Mistral Client has a local file inclusion vulnerability