openstack
276 tracked vulnerabilities.
CVE-2014-3497
OpenStack Swift 1.11.0-1.13.1 - Cross-Site Scripting via WWW-Authenticate Header
Jul 03, 2014
EPSS 0.00
CVE-2014-3476
OpenStack Keystone Privilege Escalation via Chained Delegation
Jun 17, 2014
EPSS 0.01
CVE-2014-3801
OpenStack Heat 2013.2-2013.2.3 and 2014.1 - Authenticated Provider Template URL Exposure via Resource-Type-List
May 23, 2014
EPSS 0.00
CVE-2014-0134
OpenStack Compute (Nova) <2013.2.3-2014.1 - Info Disclosure
May 08, 2014
EPSS 0.00
CVE-2014-0056
OpenStack Neutron <2013.2.3 - Privilege Escalation
May 08, 2014
EPSS 0.00
CVE-2014-0187
OpenStack Neutron <2013.2.4-2014.1.1 - Auth Bypass
Apr 28, 2014
EPSS 0.00
CVE-2014-0162
OpenStack Glance <2013.2.4, <icehouse-rc2 - Command Injection
Apr 27, 2014
EPSS 0.01
CVE-2014-2828
OpenStack Keystone - Denial of Service via Authentication Chaining
Apr 15, 2014
EPSS 0.01
CVE-2014-0167
OpenStack Compute <2013.2.4-icehouse-rc2 - Privilege Escalation
Apr 15, 2014
EPSS 0.00
CVE-2014-0157
OpenStack Horizon <2013.2.4, icehouse-rc2 - XSS
Apr 15, 2014
EPSS 0.00
CVE-2014-0105
OpenStack Python client <0.7.0 - Privilege Escalation
Apr 15, 2014
EPSS 0.00
CVE-2014-2237
OpenStack Identity (Keystone) - Info Disclosure
Apr 01, 2014
EPSS 0.00
CVE-2014-2573
OpenStack Compute (Nova) 2013.2-2013.2.2 - Authenticated Denial of Service via VM Rescue Status Bypass
Mar 25, 2014
EPSS 0.00
CVE-2014-1948
OpenStack Glance <2013.2.1 - Info Disclosure
Feb 14, 2014
EPSS 0.00
CVE-2014-0006
OpenStack Swift <1.8.0, <1.10.0, <1.11.0 - Info Disclosure
Jan 23, 2014
EPSS 0.00
CVE-2013-2167
CRITICAL
python-keystoneclient 0.2.3-0.2.5 - Middleware Memcache Signing Bypass
Dec 10, 2019
CVSS 9.8
EPSS 0.01
CVE-2013-2166
CRITICAL
python-keystoneclient 0.2.3-0.2.5 - Inadequate Encryption Strength in Memcache Middleware
Dec 10, 2019
CVSS 9.8
EPSS 0.00
CVE-2013-0326
MEDIUM
OpenStack Nova - Unprotected Base Image Data Exposure via World-Readable Permissions
Dec 05, 2019
CVSS 5.5
EPSS 0.00
CVE-2013-2255
MEDIUM
OpenStack Keystone 2013 and Compute 2013.1 - Improper Certificate Validation
Nov 01, 2019
CVSS 5.9
EPSS 0.00
CVE-2013-6433
openstack neutron < 2013.2.3 - Privilege Escalation via Rootwrap Configuration
Jun 02, 2014
EPSS 0.02
CVE-2013-2014
OpenStack Keystone < 2013.1 - Denial of Service via Long Requests
Jun 02, 2014
EPSS 0.02
CVE-2013-4471
OpenStack Horizon < 2013.2 - Unauthenticated Password Change via Identity v3 API
May 14, 2014
EPSS 0.00
CVE-2013-6437
OpenStack Nova < 2013.2.2 and icehouse < icehouse-2 - Authenticated Denial of Service via Unique os_type Settings
Mar 06, 2014
EPSS 0.00
CVE-2013-6396
OpenStack Swift Python Client 1.0-1.9.0 - Unauthenticated Man-in-the-Middle via Unverified X.509 Certificates
Feb 18, 2014
EPSS 0.00
CVE-2013-7130
OpenStack Compute - Info Disclosure
Feb 06, 2014
EPSS 0.03
Products
keystone 39
nova 38
folsom 25
neutron 25
horizon 22
essex 15
image_registry_and_delivery_service_\(glance\) 15
grizzly 14
swift 13
compute 12
glance 12
havana 11
cinder 9
heat 7
python-keystoneclient 7
Ironic 5
barbican 5
tripleo_heat_templates 5
Keystone 4
icehouse 4
keystonemiddleware 3
trove 3
Cyborg 2
ceilometer 2
cloud_magnum_orchestration 2
designate 2
diablo 2
keystone_essex 2
magnum 2
manila 2
Quick Filters