openstack

295 tracked vulnerabilities.

CVE-2014-0162
OpenStack Glance <2013.2.4, <icehouse-rc2 - Command Injection
Apr 27, 2014
EPSS 0.02
CVE-2014-2828
OpenStack Keystone - Denial of Service via Authentication Chaining
Apr 15, 2014
EPSS 0.03
CVE-2014-0167
OpenStack Compute <2013.2.4-icehouse-rc2 - Privilege Escalation
Apr 15, 2014
EPSS 0.02
CVE-2014-0157
OpenStack Horizon <2013.2.4, icehouse-rc2 - XSS
Apr 15, 2014
EPSS 0.01
CVE-2014-0105
OpenStack Python client <0.7.0 - Privilege Escalation
Apr 15, 2014
EPSS 0.01
CVE-2014-2237
OpenStack Identity (Keystone) - Info Disclosure
Apr 01, 2014
EPSS 0.01
CVE-2014-2573
OpenStack Compute (Nova) 2013.2-2013.2.2 - Authenticated Denial of Service via VM Rescue Status Bypass
Mar 25, 2014
EPSS 0.01
CVE-2014-1948
OpenStack Glance <2013.2.1 - Info Disclosure
Feb 14, 2014
EPSS 0.00
CVE-2014-0006
OpenStack Swift <1.8.0, <1.10.0, <1.11.0 - Info Disclosure
Jan 23, 2014
EPSS 0.02
CVE-2013-2167 CRITICAL
python-keystoneclient 0.2.3-0.2.5 - Middleware Memcache Signing Bypass
Dec 10, 2019
CVSS 9.8
EPSS 0.02
CVE-2013-2166 CRITICAL
python-keystoneclient 0.2.3-0.2.5 - Inadequate Encryption Strength in Memcache Middleware
Dec 10, 2019
CVSS 9.8
EPSS 0.02
CVE-2013-0326 MEDIUM
OpenStack Nova - Unprotected Base Image Data Exposure via World-Readable Permissions
Dec 05, 2019
CVSS 5.5
EPSS 0.00
CVE-2013-2255 MEDIUM
OpenStack Keystone 2013 and Compute 2013.1 - Improper Certificate Validation
Nov 01, 2019
CVSS 5.9
EPSS 0.01
CVE-2013-6433
openstack neutron < 2013.2.3 - Privilege Escalation via Rootwrap Configuration
Jun 02, 2014
EPSS 0.03
CVE-2013-2014
OpenStack Keystone < 2013.1 - Denial of Service via Long Requests
Jun 02, 2014
EPSS 0.03
CVE-2013-4471
OpenStack Horizon < 2013.2 - Unauthenticated Password Change via Identity v3 API
May 14, 2014
EPSS 0.01
CVE-2013-6437
OpenStack Nova < 2013.2.2 and icehouse < icehouse-2 - Authenticated Denial of Service via Unique os_type Settings
Mar 06, 2014
EPSS 0.02
CVE-2013-6396
OpenStack Swift Python Client 1.0-1.9.0 - Unauthenticated Man-in-the-Middle via Unverified X.509 Certificates
Feb 18, 2014
EPSS 0.01
CVE-2013-7130
OpenStack Compute - Info Disclosure
Feb 06, 2014
EPSS 0.02
CVE-2013-4463
OpenStack Nova Folsom/Grizzly/Havana DoS via QCOW2 Image Bypass
Feb 06, 2014
EPSS 0.00
CVE-2013-6491
OpenStack Oslo < 2013.2 - Unauthenticated Sensitive Information Exposure via Qpid SSL Enforcement Bypass
Feb 02, 2014
EPSS 0.02
CVE-2013-7048
OpenStack Nova < 2013.1.4 and 2013.2.1 - Unprotected Live Snapshot Data Exposure via World-Writable Temporary Directory
Jan 23, 2014
EPSS 0.00
CVE-2013-2104
python-keystoneclient < 0.2.4 - Authenticated Token Expiry Bypass
Jan 21, 2014
EPSS 0.02
CVE-2013-6419
OpenStack Havana < 2013.2.1 - Exposure of Sensitive Metadata via Spoofed Device ID
Jan 07, 2014
EPSS 0.02
CVE-2013-2030
OpenStack Nova Folsom, Grizzly, Havana - Server Spoofing via Insecure Temporary Directory
Dec 27, 2013
EPSS 0.00