Filtered by vendor Openstack
Subscriptions
Total
262 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2256 | 2 Openstack, Redhat | 2 Nova, Openstack | 2025-04-11 | N/A |
| OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id. | ||||
| CVE-2012-3447 | 1 Openstack | 2 Folsom, Nova | 2025-04-11 | N/A |
| virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361. | ||||
| CVE-2013-4111 | 3 Openstack, Opensuse, Redhat | 3 Python Glanceclient, Opensuse, Openstack | 2025-04-11 | N/A |
| The Python client library for Glance (python-glanceclient) before 0.10.0 does not properly check the preverify_ok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate and allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
| CVE-2013-4155 | 2 Openstack, Redhat | 5 Folsom, Grizzly, Havana and 2 more | 2025-04-11 | N/A |
| OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected. | ||||
| CVE-2013-4183 | 2 Openstack, Redhat | 2 Cinder, Openstack | 2025-04-11 | N/A |
| The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-4202 | 3 Canonical, Openstack, Redhat | 3 Ubuntu Linux, Cinder, Openstack | 2025-04-11 | N/A |
| The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. | ||||
| CVE-2013-4222 | 4 Canonical, Fedoraproject, Openstack and 1 more | 4 Ubuntu Linux, Fedora, Keystone and 1 more | 2025-04-11 | N/A |
| OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token. | ||||
| CVE-2013-4278 | 1 Openstack | 1 Compute | 2025-04-11 | N/A |
| The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256. | ||||
| CVE-2013-4294 | 2 Openstack, Redhat | 2 Keystone, Openstack | 2025-04-11 | N/A |
| The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token. | ||||
| CVE-2013-4428 | 3 Canonical, Openstack, Redhat | 3 Ubuntu Linux, Glance, Openstack | 2025-04-11 | N/A |
| OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID. | ||||
| CVE-2013-4354 | 1 Openstack | 1 Image Registry And Delivery Service \(glance\) | 2025-04-11 | N/A |
| The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image. | ||||
| CVE-2014-1948 | 2 Openstack, Redhat | 2 Image Registry And Delivery Service \(glance\), Openstack | 2025-04-11 | N/A |
| OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log. | ||||
| CVE-2013-4463 | 2 Openstack, Redhat | 4 Folsom, Grizzly, Havana and 1 more | 2025-04-11 | N/A |
| OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096. | ||||
| CVE-2013-4469 | 1 Openstack | 3 Folsom, Grizzly, Havana | 2025-04-11 | N/A |
| OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096. | ||||
| CVE-2012-4456 | 2 Openstack, Redhat | 2 Keystone, Openstack | 2025-04-11 | N/A |
| The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-2 do not properly validate X-Auth-Token, which allow remote attackers to read the roles for an arbitrary user or get, create, or delete arbitrary services. | ||||
| CVE-2013-1977 | 1 Openstack | 1 Devstack | 2025-04-11 | N/A |
| OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file. | ||||
| CVE-2011-4596 | 1 Openstack | 1 Nova | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest. | ||||
| CVE-2013-4497 | 2 Openstack, Redhat | 4 Folsom, Grizzly, Havana and 1 more | 2025-04-11 | N/A |
| The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions. | ||||
| CVE-2012-0030 | 1 Openstack | 2 Essex, Nova | 2025-04-11 | N/A |
| Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter. | ||||
| CVE-2012-1585 | 1 Openstack | 1 Nova | 2025-04-11 | N/A |
| OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name. | ||||