openstack
295 tracked vulnerabilities.
CVE-2015-3219
OpenStack Dashboard (Horizon) <2014.2.4-2015.1.1 - XSS
Aug 20, 2015
EPSS 0.03
CVE-2015-5163
OpenStack Glance 2015.1.x < 2015.1.2 - Authenticated Arbitrary File Read via QCOW2 Backing File
Aug 19, 2015
EPSS 0.01
CVE-2015-3289
OpenStack Glance < 2015.1.0 - Authenticated Denial of Service via Image Import Task Flow API
Aug 14, 2015
EPSS 0.01
CVE-2015-1851
Canonical Ubuntu Linux < 2014.1.4 - Information Disclosure
Jun 25, 2015
EPSS 0.03
CVE-2015-3988
OpenStack Horizon 2015.1.0 - Authenticated Cross-Site Scripting via Metadata
May 19, 2015
EPSS 0.02
CVE-2015-3646
OpenStack Identity (Keystone) <2014.1.5-2014.2.4 - Info Disclosure
May 12, 2015
EPSS 0.03
CVE-2015-1856
OpenStack Swift < 2.3.0 - Authenticated Arbitrary Object Deletion via x-versions-location Container
Apr 17, 2015
EPSS 0.04
CVE-2015-1852
OpenStack keystonemiddleware <1.6.0/python-keystoneclient <1.4.0 - ...
Apr 17, 2015
EPSS 0.03
CVE-2015-0259
OpenStack Nova < 2014.1.4, 2014.2.x < 2014.2.3, kilo < kilo-3 - WebSocket Authentication Hijacking via Crafted Webpage
Apr 01, 2015
EPSS 0.01
CVE-2015-1881
OpenStack Glance 2014.2-2014.2.2 Authenticated DoS via Task v2 API Image Deletion
Feb 24, 2015
EPSS 0.02
CVE-2015-1195
OpenStack Image Registry and Delivery Service - Info Disclosure
Jan 21, 2015
EPSS 0.03
CVE-2014-9684
OpenStack Image Registry and Delivery Service - DoS
Feb 24, 2015
EPSS 0.02
CVE-2014-9623
OpenStack Glance <2014.2.x-2014.2.1, 2014.1.3 - Auth Bypass
Jan 23, 2015
EPSS 0.03
CVE-2014-8153
OpenStack Neutron 2014.2.x < 2014.2.2 - Authenticated Denial of Service via IPv6 Router Creation
Jan 15, 2015
EPSS 0.02
CVE-2014-9493
OpenStack Glance <2014.2.2,2014.1.4 - Info Disclosure
Jan 07, 2015
EPSS 0.03
CVE-2014-8124
OpenStack Horizon 2014.1-2014.1.2 and 2014.2 - Denial of Service via Login Page Session Handling
Dec 12, 2014
EPSS 0.03
CVE-2014-7821
OpenStack Neutron 2012.2.1-2014.1.4 - Authenticated Denial of Service via DNS Configuration
Nov 24, 2014
EPSS 0.04
CVE-2014-0204
OpenStack Identity <2014.1.1 - Privilege Escalation
Nov 03, 2014
EPSS 0.01
CVE-2014-8578
OpenStack Horizon < 2013.2.4, 2014.1 < 2014.1.2, and Juno < Juno-2 - Stored Cross-Site Scripting via User Email Address
Oct 31, 2014
EPSS 0.01
CVE-2014-3475
OpenStack Horizon < 2013.2.4, 2014.1 < 2014.1.2, Juno < Juno-2 - Cross-Site Scripting via User Email Address
Oct 31, 2014
EPSS 0.01
CVE-2014-3474
OpenStack Horizon <2013.2.4, 2014.1<2014.1.2, Juno<Juno-2 - Stored XSS via Network Name
Oct 31, 2014
EPSS 0.02
CVE-2014-3473
OpenStack Horizon < 2013.2.4, 2014.1 < 2014.1.2, Juno < Juno-2 - Cross-Site Scripting in Orchestration Template
Oct 31, 2014
EPSS 0.02
CVE-2014-8333
OpenStack Nova < 2014.1.4 - Authenticated Denial of Service via VMware Driver Instance Deletion
Oct 31, 2014
EPSS 0.02
CVE-2014-3708
OpenStack Nova < 2014.1.4, 2014.2.x < 2014.2.1 - DoS via IP Filter in List Active Servers API
Oct 31, 2014
EPSS 0.03
CVE-2014-3520
OpenStack Keystone < 2013.2.4 - Authenticated Incorrect Authorization via V2 API Trust Token Request
Oct 26, 2014
EPSS 0.02
Products
keystone 44
nova 39
folsom 25
neutron 25
horizon 22
essex 15
image_registry_and_delivery_service_\(glance\) 15
grizzly 14
swift 14
Ironic 12
compute 12
glance 12
havana 11
cinder 9
ironic 9
Keystone 8
heat 7
python-keystoneclient 7
barbican 5
tripleo_heat_templates 5
icehouse 4
keystonemiddleware 4
trove 3
Cyborg 2
Horizon 2
Neutron 2
Nova 2
Swift 2
ceilometer 2
cloud_magnum_orchestration 2
Quick Filters