openstack

276 tracked vulnerabilities.

CVE-2015-5286
OpenStack Image Service - Auth Bypass
Oct 26, 2015
EPSS 0.00
CVE-2015-5251
OpenStack Image Service - Auth Bypass
Oct 26, 2015
EPSS 0.00
CVE-2015-5223
OpenStack Swift <2.4.0 - Info Disclosure
Oct 26, 2015
EPSS 0.01
CVE-2015-3280
OpenStack Nova < 2014.2.4 and 2015.1.x < 2015.1.2 - Authenticated Denial of Service via Instance Deletion During Resize
Oct 26, 2015
EPSS 0.01
CVE-2015-3241
OpenStack Compute <2015.1.1-2014.2.3 - DoS
Sep 08, 2015
EPSS 0.02
CVE-2015-3221
OpenStack Neutron < 2014.2.4 and 2015.1.x < 2015.1.1 - Authenticated Denial of Service via IPTables Firewall Driver
Aug 26, 2015
EPSS 0.14
CVE-2015-3219
OpenStack Dashboard (Horizon) <2014.2.4-2015.1.1 - XSS
Aug 20, 2015
EPSS 0.00
CVE-2015-5163
OpenStack Glance 2015.1.x < 2015.1.2 - Authenticated Arbitrary File Read via QCOW2 Backing File
Aug 19, 2015
EPSS 0.00
CVE-2015-3289
OpenStack Glance < 2015.1.0 - Authenticated Denial of Service via Image Import Task Flow API
Aug 14, 2015
EPSS 0.00
CVE-2015-1851
Canonical Ubuntu Linux < 2014.1.4 - Information Disclosure
Jun 25, 2015
EPSS 0.01
CVE-2015-3988
OpenStack Horizon 2015.1.0 - Authenticated Cross-Site Scripting via Metadata
May 19, 2015
EPSS 0.00
CVE-2015-3646
OpenStack Identity (Keystone) <2014.1.5-2014.2.4 - Info Disclosure
May 12, 2015
EPSS 0.00
CVE-2015-1856
OpenStack Swift < 2.3.0 - Authenticated Arbitrary Object Deletion via x-versions-location Container
Apr 17, 2015
EPSS 0.01
CVE-2015-1852
OpenStack keystonemiddleware <1.6.0/python-keystoneclient <1.4.0 - ...
Apr 17, 2015
EPSS 0.00
CVE-2015-0259
OpenStack Nova < 2014.1.4, 2014.2.x < 2014.2.3, kilo < kilo-3 - WebSocket Authentication Hijacking via Crafted Webpage
Apr 01, 2015
EPSS 0.00
CVE-2015-1881
OpenStack Glance 2014.2-2014.2.2 Authenticated DoS via Task v2 API Image Deletion
Feb 24, 2015
EPSS 0.01
CVE-2015-1195
OpenStack Image Registry and Delivery Service - Info Disclosure
Jan 21, 2015
EPSS 0.01
CVE-2014-9684
OpenStack Image Registry and Delivery Service - DoS
Feb 24, 2015
EPSS 0.01
CVE-2014-9623
OpenStack Glance <2014.2.x-2014.2.1, 2014.1.3 - Auth Bypass
Jan 23, 2015
EPSS 0.00
CVE-2014-8153
OpenStack Neutron 2014.2.x < 2014.2.2 - Authenticated Denial of Service via IPv6 Router Creation
Jan 15, 2015
EPSS 0.01
CVE-2014-9493
OpenStack Glance <2014.2.2,2014.1.4 - Info Disclosure
Jan 07, 2015
EPSS 0.01
CVE-2014-8124
OpenStack Horizon 2014.1-2014.1.2 and 2014.2 - Denial of Service via Login Page Session Handling
Dec 12, 2014
EPSS 0.01
CVE-2014-7821
OpenStack Neutron 2012.2.1-2014.1.4 - Authenticated Denial of Service via DNS Configuration
Nov 24, 2014
EPSS 0.02
CVE-2014-0204
OpenStack Identity <2014.1.1 - Privilege Escalation
Nov 03, 2014
EPSS 0.00
CVE-2014-8578
OpenStack Horizon < 2013.2.4, 2014.1 < 2014.1.2, and Juno < Juno-2 - Stored Cross-Site Scripting via User Email Address
Oct 31, 2014
EPSS 0.00
Products
keystone 39 nova 38 folsom 25 neutron 25 horizon 22 essex 15 image_registry_and_delivery_service_\(glance\) 15 grizzly 14 swift 13 compute 12 glance 12 havana 11 cinder 9 heat 7 python-keystoneclient 7 Ironic 5 barbican 5 tripleo_heat_templates 5 Keystone 4 icehouse 4 keystonemiddleware 3 trove 3 Cyborg 2 ceilometer 2 cloud_magnum_orchestration 2 designate 2 diablo 2 keystone_essex 2 magnum 2 manila 2
Quick Filters
Critical CVEs With Exploits In CISA KEV