Suggestions search

All statuses

Filter by:

With package: rubyPackages_3_1.ovirt-engine-sdk

Found 4 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2013-4367

created 1 month ago

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates …

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_transferred x_refsource_MISC

Affected products

ovirt-engine

==ovirt-engine 3.2 running on Linux kernel 3.1 and newer

Matching in nixpkgs

pkgs.rubyPackages.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_1.ovirt-engine-sdk

None

pkgs.rubyPackages_3_2.ovirt-engine-sdk

None

pkgs.rubyPackages_3_3.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_4.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_4_0.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

Untriaged

Permalink CVE-2015-1780

created 1 month ago

oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain …

oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_transferred x_refsource_MISC

Affected products

oVirt

==through 2015-03-06

Matching in nixpkgs

pkgs.libgovirt

GObject wrapper for the oVirt REST API

nixos-unstable 0.3.9
- nixpkgs-unstable 0.3.9
- nixos-unstable-small 0.3.9
nixos-25.11 0.3.9
- nixos-25.11-small 0.3.9
- nixpkgs-25.11-darwin 0.3.9

pkgs.stratovirt

Virtual Machine Manager from Huawei

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0
nixos-25.11 2.4.0
- nixos-25.11-small 2.4.0
- nixpkgs-25.11-darwin 2.4.0

pkgs.rubyPackages.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_1.ovirt-engine-sdk

None

pkgs.rubyPackages_3_2.ovirt-engine-sdk

None

pkgs.rubyPackages_3_3.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_4.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_4_0.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

Package maintainers

@amarshall Andrew Marshall <andrew@johnandrewmarshall.com>
@Atemu Atemu <nixpkgs@mail.atemu.net>
@astro Astro <astro@spaceboyz.net>

Untriaged

Permalink CVE-2024-7259

4.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months ago

Ovirt-engine: potential exposure of cleartext provider passwords via web ui

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

References

RHBZ#2314229 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
RHBZ#2314229 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
RHBZ#2314229 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
RHBZ#2314229 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
RHBZ#2314229 issue-tracking x_refsource_REDHAT

Affected products

ovirt-engine

<4.5.7

Matching in nixpkgs

pkgs.rubyPackages.ovirt-engine-sdk

None

nixos-unstable -
- nixpkgs-unstable 4.6.0

pkgs.rubyPackages_3_1.ovirt-engine-sdk

None

nixos-unstable -
- nixpkgs-unstable 4.6.0

pkgs.rubyPackages_3_2.ovirt-engine-sdk

None

nixos-unstable -
- nixpkgs-unstable 4.6.0

pkgs.rubyPackages_3_3.ovirt-engine-sdk

None

nixos-unstable -
- nixpkgs-unstable 4.6.0

pkgs.rubyPackages_3_4.ovirt-engine-sdk

None

nixos-unstable -
- nixpkgs-unstable 4.6.0

Untriaged

Permalink CVE-2024-0822

9.1 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): NONE

created 6 months ago

Ovirt: authentication bypass

An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command.