openstack
295 tracked vulnerabilities.
CVE-2013-2059
OpenStack Keystone Folsom <= 2012.2.4, Grizzly < 2013.1.1, Havana - Improper Authentication Token Revocation via v2 API
May 21, 2013
EPSS 0.02
CVE-2013-2006
OpenStack Keystone 2013.1.1 - Sensitive Information Exposure via DEBUG Mode Logging
May 21, 2013
EPSS 0.01
CVE-2013-1977
OpenStack Devstack - Information Disclosure via World-Readable Keystone Configuration
May 21, 2013
EPSS 0.00
CVE-2013-0282
OpenStack Keystone < 2012.1.3, 2012.1.x-2012.2.x, < 2013.1 - Improper Authentication via EC2-Style Authentication
Apr 12, 2013
EPSS 0.02
CVE-2013-0270
MEDIUM
OpenStack Keystone < 2012.1.3 and < 8.0.0a0 - Denial of Service via Long Tenant Name
Apr 12, 2013
CVSS 6.5
EPSS 0.03
CVE-2013-1665
OpenStack Folsom and Keystone Essex - XML External Entity Injection
Apr 03, 2013
EPSS 0.05
CVE-2013-1664
OpenStack Keystone Essex/Folsom/Grizzly, Nova Essex/Folsom, Cinder Folsom DoS via XML Entity Expansion
Apr 03, 2013
EPSS 0.05
CVE-2013-1865
OpenStack Keystone Folsom 2012.2 - Improper Authentication via Revoked PKI Token Bypass
Mar 22, 2013
EPSS 0.03
CVE-2013-1840
OpenStack Glance Essex/Folsom/Grizzly - Sensitive Information Exposure via v1 API
Mar 22, 2013
EPSS 0.01
CVE-2013-1838
OpenStack Nova Essex/Folsom/Grizzly - Authenticated DoS via IP Quota Exhaustion
Mar 22, 2013
EPSS 0.03
CVE-2013-0335
OpenStack Compute (Nova) Essex, Folsom, and Grizzly - Authenticated VM Access via VNC Token Reuse
Mar 22, 2013
EPSS 0.02
CVE-2013-0266
MEDIUM
OpenStack Essex - Information Disclosure via World-Readable Configuration Files
Mar 08, 2013
CVSS 5.5
EPSS 0.00
CVE-2013-0261
HIGH
OpenStack Essex - Arbitrary File Write via Symlink Attack on Predictable Temporary File
Mar 08, 2013
CVSS 8.8
EPSS 0.00
CVE-2013-0212
OpenStack Glance 2012.1-2012.2.2 - Authenticated Sensitive Information Exposure via Swift Endpoint Error Messages
Feb 24, 2013
EPSS 0.03
CVE-2013-0247
OpenStack Keystone Essex/Folsom/Grizzly DoS via Invalid Token Request Logging
Feb 24, 2013
EPSS 0.03
CVE-2013-0208
OpenStack Compute (Nova) Folsom and Essex - Authenticated Volume Access Bypass via block_device_mapping Parameter
Feb 13, 2013
EPSS 0.03
CVE-2012-5476
MEDIUM
RHOS Essex Preview - Info Disclosure
Dec 30, 2019
CVSS 5.5
EPSS 0.00
CVE-2012-5474
MEDIUM
Red Hat OpenStack Platform <2.0 - Info Disclosure
Dec 30, 2019
CVSS 5.5
EPSS 0.00
CVE-2012-1572
HIGH
OpenStack Keystone - Denial of Service via Excessive Password Length
Nov 12, 2019
CVSS 7.5
EPSS 0.01
CVE-2012-5625
OpenStack Compute (Nova) Folsom <2012.2.2 - Info Disclosure
Dec 26, 2012
EPSS 0.02
CVE-2012-5483
OpenStack Keystone 2012.1.3 - Info Disclosure
Dec 26, 2012
EPSS 0.00
CVE-2012-5571
MEDIUM
OpenStack Keystone Essex/Folsom - Auth Bypass
Dec 18, 2012
CVSS 5.4
EPSS 0.02
CVE-2012-5563
OpenStack Keystone < 8.0.0 - Authenticated Authorization Bypass via Token Chaining
Dec 18, 2012
EPSS 0.03
CVE-2012-5482
OpenStack Glance Grizzly/Folsom/Essex - RCE
Nov 11, 2012
EPSS 0.03
CVE-2012-4573
OpenStack Glance <2012.2 - Auth Bypass
Nov 11, 2012
EPSS 0.03
Products
keystone 44
nova 39
folsom 25
neutron 25
horizon 22
essex 15
image_registry_and_delivery_service_\(glance\) 15
grizzly 14
swift 14
Ironic 12
compute 12
glance 12
havana 11
cinder 9
ironic 9
Keystone 8
heat 7
python-keystoneclient 7
barbican 5
tripleo_heat_templates 5
icehouse 4
keystonemiddleware 4
trove 3
Cyborg 2
Horizon 2
Neutron 2
Nova 2
Swift 2
ceilometer 2
cloud_magnum_orchestration 2
Quick Filters