CVE-2025-22828: Unauthorised access to annotations
Severity: Low
Affected versions:
- Apache CloudStack 4.16.0 or later
Description:
CloudStack users can add and read comments (annotations) on resources they are authorised to access.
Severity: Low
Affected versions:
CloudStack users can add and read comments (annotations) on resources they are authorised to access.
The Apache CloudStack project is pleased to announce the release of CloudStack 4.20.0.0.
Apache CloudStack 4.20 is the most recent release of the cloud management platform. It comes as a product of extensive contributions from the development community and is a LTS release, guaranteeing ongoing maintenance and support for a period of 18 months
The Apache CloudStack project is pleased to announce the release of CloudStack Kubernetes Provider v1.1.0 that facilitates Kubernetes deployments on Cloudstack.
It allows Kubernetes to dynamically allocate IP addresses and the respective networking rules on CloudStack to ensure seamless TCP, UDP and TCP-Proxy LoadBalancer deployments on Kubernetes. This was historically part of the Kubernetes codebase which was later removed and donated to the project to allow for further maintenance of the provider plugin.