Filtered by vendor Openstack
Subscriptions
Filtered by product Folsom
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1665 | 2 Openstack, Redhat | 3 Folsom, Keystone Essex, Openstack | 2025-04-11 | N/A |
| The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack. | ||||
| CVE-2012-5571 | 2 Openstack, Redhat | 3 Essex, Folsom, Openstack | 2025-04-11 | N/A |
| OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role. | ||||
| CVE-2012-3371 | 1 Openstack | 3 Compute, Essex, Folsom | 2025-04-11 | N/A |
| The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section. | ||||
| CVE-2012-5482 | 1 Openstack | 3 Essex, Folsom, Image Registry And Delivery Service \(glance\) | 2025-04-11 | N/A |
| The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573. | ||||
| CVE-2012-4573 | 2 Openstack, Redhat | 4 Essex, Folsom, Image Registry And Delivery Service \(glance\) and 1 more | 2025-04-11 | N/A |
| The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482. | ||||
| CVE-2013-2096 | 1 Openstack | 3 Folsom, Grizzly, Havana | 2025-04-11 | N/A |
| OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data. | ||||