Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

apache / cloudstack Public

Notifications You must be signed in to change notification settings
Fork 1.1k
Star 2.2k

Code
Issues 446
Pull requests 156
Discussions
Actions
Projects 1
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Wiki
Security
Insights

Releases: apache/cloudstack

Releases Tags

Releases · apache/cloudstack

Apache CloudStack 4.18.2.1 (LTS Security Release)

05 Jul 13:31

shwstppr

4.18.2.1

ef5b5bb

Compare

Choose a tag to compare

View all tags

Apache CloudStack 4.18.2.1 (LTS Security Release)

This is a security release that fixes the following on top of the 4.18.2.0 release:

CVE-2024-38346: Unauthenticated cluster service port leads to remote execution
CVE-2024-39864: Integration API service uses dynamic port when disabled

Advisory: https://cloudstack.apache.org/blog/security-release-advisory-4.19.0.2-4.18.2.1

Release notes: https://docs.cloudstack.apache.org/en/4.18.2.1/releasenotes
Installation docs: https://docs.cloudstack.apache.org/en/4.18.2.1/installguide
Upgrade docs: https://docs.cloudstack.apache.org/en/4.18.2.1/upgrading
Admin docs: https://docs.cloudstack.apache.org/en/4.18.2.1/adminguide
API docs: https://cloudstack.apache.org/api/apidocs-4.18

Assets 2

All reactions

Apache CloudStack 4.18.2.0 (LTS)

25 Apr 18:05

JoaoJandre

4.18.2.0

154566f

Compare

Choose a tag to compare

View all tags

Apache CloudStack 4.18.2.0 (LTS)

Release notes: https://docs.cloudstack.apache.org/en/4.18.2.0/releasenotes
Installation docs: https://docs.cloudstack.apache.org/en/4.18.2.0/installguide
Upgrade docs: https://docs.cloudstack.apache.org/en/4.18.2.0/upgrading
Admin docs: https://docs.cloudstack.apache.org/en/4.18.2.0/adminguide
API docs: https://cloudstack.apache.org/api/apidocs-4.18

Assets 2

soreana, vishesh92, and rohityadavcloud reacted with hooray emoji

All reactions

🎉 3 reactions

3 people reacted

Apache CloudStack 4.18.1.1 (LTS Security Release)

04 Apr 05:23

rohityadavcloud

4.18.1.1

This tag was signed with the committer’s verified signature.

rohityadavcloud Rohit Yadav

GPG key ID: 484248210EE3D884

Learn about vigilant mode.

b28f3cd

Compare

Choose a tag to compare

View all tags

Apache CloudStack 4.18.1.1 (LTS Security Release)

This is a security release the fixes the following on top of 4.18.1.0 release:

CVE-2024-29006 x-forwarded-for parsed by default
CVE-2024-29007 When downloading templates or ISOs, the UI/SSVM follow http redirects with potentially dangerous consequences
CVE-2024-29008 The extraconfig feature can be abused to load hypervisor resources on a VM instance

Advisory: https://cloudstack.apache.org/blog/security-release-advisory-4.19.0.1-4.18.1.1

Assets 2

All reactions

Apache CloudStack 4.19.0.1 (LTS Security Release)

04 Apr 05:23

rohityadavcloud

4.19.0.1

This tag was signed with the committer’s verified signature.

rohityadavcloud Rohit Yadav

GPG key ID: 484248210EE3D884

Learn about vigilant mode.

14a42b7

Compare

Choose a tag to compare

View all tags

Apache CloudStack 4.19.0.1 (LTS Security Release)

This is a security release the fixes the following on top of 4.19.0.0 release:

CVE-2024-29006 x-forwarded-for parsed by default
CVE-2024-29007 When downloading templates or ISOs, the UI/SSVM follow http redirects with potentially dangerous consequences
CVE-2024-29008 The extraconfig feature can be abused to load hypervisor resources on a VM instance

Advisory: https://cloudstack.apache.org/blog/security-release-advisory-4.19.0.1-4.18.1.1

Assets 2