openstack
276 tracked vulnerabilities.
CVE-2012-5625
OpenStack Compute (Nova) Folsom <2012.2.2 - Info Disclosure
Dec 26, 2012
EPSS 0.01
CVE-2012-5483
OpenStack Keystone 2012.1.3 - Info Disclosure
Dec 26, 2012
EPSS 0.00
CVE-2012-5571
MEDIUM
OpenStack Keystone Essex/Folsom - Auth Bypass
Dec 18, 2012
CVSS 5.4
EPSS 0.00
CVE-2012-5563
OpenStack Keystone < 8.0.0 - Authenticated Authorization Bypass via Token Chaining
Dec 18, 2012
EPSS 0.00
CVE-2012-5482
OpenStack Glance Grizzly/Folsom/Essex - RCE
Nov 11, 2012
EPSS 0.01
CVE-2012-4573
OpenStack Glance <2012.2 - Auth Bypass
Nov 11, 2012
EPSS 0.01
CVE-2012-4406
CRITICAL
OpenStack Swift < 1.7.0 - Remote Code Execution via Unsafe Pickle Deserialization
Oct 22, 2012
CVSS 9.8
EPSS 0.05
CVE-2012-4457
OpenStack Keystone Essex < 2012.1.2 and Folsom < folsom-3 - Authenticated Improper Authentication
Oct 09, 2012
EPSS 0.01
CVE-2012-4456
OpenStack Keystone < 2012.1.2 - Improper Authentication via X-Auth-Token Validation
Oct 09, 2012
EPSS 0.04
CVE-2012-4413
OpenStack Keystone < 2012.1.3 - Authenticated Privilege Retention via Token Invalidation Bypass
Sep 18, 2012
EPSS 0.00
CVE-2012-3542
OpenStack Keystone < 2012.1 - Unauthenticated User Addition to Arbitrary Tenant via Default Tenant Update
Sep 05, 2012
EPSS 0.02
CVE-2012-3540
OpenStack Horizon Essex (2012.1) - Open Redirect via Login Next Parameter
Sep 05, 2012
EPSS 0.02
CVE-2012-3447
OpenStack Nova 2012.1.x < 2012.1.2 and Folsom < Folsom-3 - Authenticated Arbitrary File Overwrite via Symlink Attack
Aug 20, 2012
EPSS 0.01
CVE-2012-1585
OpenStack Compute (Nova) < 2011.3 - Authenticated Denial of Service via Long Server Name
Aug 17, 2012
EPSS 0.00
CVE-2012-3426
OpenStack Keystone < 2012.1.1 - Authenticated Token Expiration Bypass via Token Chaining
Jul 31, 2012
EPSS 0.01
CVE-2012-3361
OpenStack Compute (Nova) Diablo Essex Folsom - Authenticated Arbitrary File Write via Symlink Attack
Jul 22, 2012
EPSS 0.01
CVE-2012-3360
OpenStack Compute (Nova) Essex and Folsom - Authenticated Path Traversal via Disk Image File Path Attribute
Jul 22, 2012
EPSS 0.01
CVE-2012-3371
OpenStack Compute Folsom/Essex (2012.2/2012.1) - DoS via Scheduler Hints
Jul 17, 2012
EPSS 0.01
CVE-2012-2654
OpenStack Compute - Privilege Escalation
Jun 21, 2012
EPSS 0.01
CVE-2012-2101
Openstack Nova 2011.3, 2012.1, Folsom - Authenticated Denial of Service via Security Group Rule Flood
Jun 07, 2012
EPSS 0.01
CVE-2012-2144
OpenStack Horizon <2012.1 - Info Disclosure
Jun 05, 2012
EPSS 0.03
CVE-2012-2094
OpenStack Horizon folsom-1 and 2012.1 - Cross-Site Scripting via Log Viewer Refresh Mechanism
Jun 05, 2012
EPSS 0.01
CVE-2012-0030
OpenStack Essex and Nova 2011.3 - Authenticated Access Restriction Bypass via Modified project_id URI Parameter
Jan 13, 2012
EPSS 0.01
CVE-2011-4076
MEDIUM
OpenStack Nova <2012.1 - Info Disclosure
Nov 26, 2019
CVSS 5.9
EPSS 0.00
CVE-2011-3147
HIGH
OpenStack Nova < 2012.1 - Unauthorized Sensitive Information Exposure via Malicious QCow Filesystem
Apr 22, 2019
CVSS 8.6
EPSS 0.00
Products
keystone 39
nova 38
folsom 25
neutron 25
horizon 22
essex 15
image_registry_and_delivery_service_\(glance\) 15
grizzly 14
swift 13
compute 12
glance 12
havana 11
cinder 9
heat 7
python-keystoneclient 7
Ironic 5
barbican 5
tripleo_heat_templates 5
Keystone 4
icehouse 4
keystonemiddleware 3
trove 3
Cyborg 2
ceilometer 2
cloud_magnum_orchestration 2
designate 2
diablo 2
keystone_essex 2
magnum 2
manila 2
Quick Filters