Cyber Security News

ShapeBlue Security Advisory: Security Fixes in CloudStack 4.19.3.0 and Apache CloudStack 4.20.1.0

Cyware
ShapeBlue Security Advisory: Security Fixes in CloudStack 4.19.3.0 and Apache CloudStack 4.20.1.0

The Apache CloudStack project announces security patches through the LTS releases 4.19.3.0 and 4.20.1.0, fixing critical vulnerabilities such as privilege escalation, unauthorized access, and API key leaks. Users are advised to upgrade to these versions to mitigate security risks. #ApacheCloudStack #CVE-2025-26521 #CVE-2025-47713 #CVE-2025-30675

Keypoints

  • The latest releases address multiple critical and low severity security vulnerabilities in Apache CloudStack.
  • Vulnerabilities include privilege escalation, unauthorized resource access, and API key leaks.
  • Specific CVEs affected versions from 4.0.0 to 4.20.0, with fixes available in 4.19.3.0 and 4.20.1.0.
  • Users managing CKS clusters or domain admins should upgrade promptly to secure their environments.
  • The community recommends upgrading to the latest patched versions and provides full advisories online.

Read More: https://www.shapeblue.com/shapeblue-security-advisory-cloudstack-4-19-3-0-and-4-20-1-0/