Filtered by vendor Openstack
Subscribe
Total
257 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5695 | 1 Openstack | 1 Designate | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set. | |||||
| CVE-2017-12440 | 1 Openstack | 1 Openstack | 2025-04-20 | 6.0 MEDIUM | 7.5 HIGH |
| Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee. | |||||
| CVE-2016-6519 | 2 Openstack, Redhat | 2 Manila, Openstack | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form. | |||||
| CVE-2017-7200 | 1 Openstack | 1 Glance | 2025-04-20 | 5.0 MEDIUM | 5.8 MEDIUM |
| An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service. | |||||
| CVE-2017-16613 | 2 Debian, Openstack | 3 Debian Linux, Swauth, Swift | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team. | |||||
| CVE-2017-7214 | 1 Openstack | 1 Nova | 2025-04-20 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens. | |||||
| CVE-2017-16239 | 1 Openstack | 1 Nova | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3. | |||||
| CVE-2015-3156 | 1 Openstack | 1 Trove | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py, write_config function in trove/guestagent/datastore/experimental/redis/service.py, _write_mycnf function in trove/guestagent/datastore/mysql/service.py, InnoBackupEx::_run_prepare function in trove/guestagent/strategies/restore/mysql_impl.py, InnoBackupEx::cmd function in trove/guestagent/strategies/backup/mysql_impl.py, MySQLDump::cmd in trove/guestagent/strategies/backup/mysql_impl.py, InnoBackupExIncremental::cmd function in trove/guestagent/strategies/backup/mysql_impl.py, _get_actual_db_status function in trove/guestagent/datastore/experimental/cassandra/system.py and trove/guestagent/datastore/experimental/cassandra/service.py, and multiple class CbBackup methods in trove/guestagent/strategies/backup/experimental/couchbase_impl.py in Openstack DBaaS (aka Trove) as packaged in Openstack before 2015.1.0 (aka Kilo) allows local users to write to configuration files via a symlink attack on a temporary file. | |||||
| CVE-2015-8234 | 1 Openstack | 1 Glance | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision. | |||||
| CVE-2015-7514 | 1 Openstack | 1 Ironic | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information. | |||||
| CVE-2017-7549 | 2 Openstack, Redhat | 2 Instack-undercloud, Openstack | 2025-04-20 | 3.3 LOW | 6.4 MEDIUM |
| A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. | |||||
| CVE-2017-17051 | 1 Openstack | 1 Nova | 2025-04-20 | 4.0 MEDIUM | 8.6 HIGH |
| An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected. | |||||
| CVE-2017-1000366 | 8 Debian, Gnu, Mcafee and 5 more | 20 Debian Linux, Glibc, Web Gateway and 17 more | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. | |||||
| CVE-2017-7400 | 1 Openstack | 1 Horizon | 2025-04-20 | 3.5 LOW | 4.8 MEDIUM |
| OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping. | |||||
| CVE-2016-5737 | 1 Openstack | 1 Puppet-gerrit | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a crafted review. | |||||
| CVE-2017-5936 | 2 Canonical, Openstack | 2 Ubuntu Linux, Nova-lxd | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions. | |||||
| CVE-2015-2687 | 1 Openstack | 1 Compute | 2025-04-20 | 1.9 LOW | 4.7 MEDIUM |
| OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for. | |||||
| CVE-2016-7498 | 1 Openstack | 1 Compute \(nova\) | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state. NOTE: this vulnerability exists because of a CVE-2015-3280 regression. | |||||
| CVE-2015-3646 | 2 Openstack, Oracle | 2 Keystone, Solaris | 2025-04-12 | 4.0 MEDIUM | N/A |
| OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs. | |||||
| CVE-2016-5362 | 1 Openstack | 1 Neutron | 2025-04-12 | 6.4 MEDIUM | 8.2 HIGH |
| The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message. | |||||