openstack

295 tracked vulnerabilities.

CVE-2014-7960
OpenStack Swift < 2.2.0 - Authenticated Metadata Constraint Bypass via Multiple Requests
Oct 17, 2014
EPSS 0.03
CVE-2014-8750
OpenStack Compute (Nova) <2014.1.4, <2014.2-2014.2rc1 - Privilege E...
Oct 15, 2014
EPSS 0.02
CVE-2014-7231
OpenStack <2013.2.4 & <2014.1.3 - Info Disclosure
Oct 08, 2014
EPSS 0.01
CVE-2014-7230
OpenStack <2013.2.4 & <2014.1.3 - Info Disclosure
Oct 08, 2014
EPSS 0.00
CVE-2014-3641
OpenStack Cinder < 2014.1.3 - Authenticated Sensitive Information Exposure via Crafted qcow2 Header
Oct 08, 2014
EPSS 0.02
CVE-2014-3632
openstack neutron 2014.1-2014.1.2 - Remote Privilege Escalation via Sudoers Configuration
Oct 07, 2014
EPSS 0.03
CVE-2014-3608
OpenStack Nova < 2014.1.3 - Authenticated Denial of Service via VM Rescue State Bypass
Oct 06, 2014
EPSS 0.02
CVE-2014-7144
OpenStack keystonemiddleware <0.11.0-1.2.0 - Man-in-the-Middle
Oct 02, 2014
EPSS 0.02
CVE-2014-6414
OpenStack Neutron <2014.2.4-2014.1.2 - Privilege Escalation
Oct 02, 2014
EPSS 0.02
CVE-2014-3621
OpenStack Keystone <2013.2.3/2014.1<2014.1.2.1 Authenticated Sensitive Info Exposure
Oct 02, 2014
EPSS 0.02
CVE-2014-5356
OpenStack Glance < 2013.2.4, 2014.x < 2014.1.3, Juno < Juno-3 - Authenticated Denial of Service via V2 API Image Upload
Aug 25, 2014
EPSS 0.02
CVE-2014-5253
OpenStack Keystone 2014.1.x < 2014.1.2.1 and Juno < Juno-3 - Authenticated Token Persistence via Invalidated Domain
Aug 25, 2014
EPSS 0.01
CVE-2014-5252
OpenStack Keystone 2014.1.x < 2014.1.2.1 and Juno < Juno-3 - Authenticated Token Expiration Bypass via V3 API
Aug 25, 2014
EPSS 0.02
CVE-2014-5251
OpenStack Keystone < 2014.1.2.1 / Juno < Juno-3 Token Expiration Bypass
Aug 25, 2014
EPSS 0.02
CVE-2014-3594
OpenStack Horizon < 2013.2.4, 2014.1 < 2014.1.2, Juno < Juno-3 - Cross-Site Scripting via Host Aggregate Name
Aug 22, 2014
EPSS 0.02
CVE-2014-4615
OpenStack PyCADF <0.5.0, Telemetry <2013.2.4, Neutron <2014.1.2, Ju...
Aug 19, 2014
EPSS 0.03
CVE-2014-3517
OpenStack Nova < 2013.2.4 - Instance ID Signature Exposure via Metadata Request Timing
Aug 07, 2014
EPSS 0.02
CVE-2014-3555
OpenStack Neutron DoS via Allowed Address Pairs (2013.2.4, 2014.1.2, Juno-2)
Jul 23, 2014
EPSS 0.02
CVE-2014-4167
OpenStack Neutron <2013.2.4, 2014.x <2014.1.2, Juno-2 - DoS
Jul 11, 2014
EPSS 0.02
CVE-2014-3497
OpenStack Swift 1.11.0-1.13.1 - Cross-Site Scripting via WWW-Authenticate Header
Jul 03, 2014
EPSS 0.02
CVE-2014-3476
OpenStack Keystone Privilege Escalation via Chained Delegation
Jun 17, 2014
EPSS 0.02
CVE-2014-3801
OpenStack Heat 2013.2-2013.2.3 and 2014.1 - Authenticated Provider Template URL Exposure via Resource-Type-List
May 23, 2014
EPSS 0.02
CVE-2014-0134
OpenStack Compute (Nova) <2013.2.3-2014.1 - Info Disclosure
May 08, 2014
EPSS 0.01
CVE-2014-0056
OpenStack Neutron <2013.2.3 - Privilege Escalation
May 08, 2014
EPSS 0.01
CVE-2014-0187
OpenStack Neutron <2013.2.4-2014.1.1 - Auth Bypass
Apr 28, 2014
EPSS 0.03