Filtered by vendor Openstack
Subscribe
Total
259 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1838 | 2 Canonical, Openstack | 4 Ubuntu Linux, Essex, Folsom and 1 more | 2025-04-11 | 4.0 MEDIUM | N/A |
|
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.
|
|||||
| CVE-2012-3540 | 1 Openstack | 1 Horizon | 2025-04-11 | 5.8 MEDIUM | N/A |
|
Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.
|
|||||
| CVE-2013-6391 | 3 Canonical, Openstack, Redhat | 3 Ubuntu Linux, Keystone, Openstack | 2025-04-11 | 5.8 MEDIUM | N/A |
|
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request.
|
|||||
| CVE-2013-4222 | 4 Canonical, Fedoraproject, Openstack and 1 more | 4 Ubuntu Linux, Fedora, Keystone and 1 more | 2025-04-11 | 6.5 MEDIUM | N/A |
|
OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.
|
|||||
| CVE-2013-0266 | 1 Openstack | 2 Essex, Folsom | 2025-04-11 | 2.1 LOW | N/A |
|
manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.
|
|||||
| CVE-2013-2104 | 1 Openstack | 1 Python-keystoneclient | 2025-04-11 | 5.5 MEDIUM | N/A |
|
python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated users to (1) retain use of a token after it has expired, or (2) use a revoked token once it expires.
|
|||||
| CVE-2013-6428 | 1 Openstack | 1 Heat | 2025-04-11 | 4.0 MEDIUM | N/A |
|
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path.
|
|||||
| CVE-2013-1840 | 2 Amazon, Openstack | 5 S3 Store, Essex, Folsom and 2 more | 2025-04-11 | 3.5 LOW | N/A |
|
The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image.
|
|||||
| CVE-2013-4261 | 2 Openstack, Redhat | 3 Folsom, Grizzly, Openstack | 2025-04-11 | 3.5 LOW | N/A |
|
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send long strings to an instance console and retrieving the console log.
|
|||||
| CVE-2013-4477 | 1 Openstack | 2 Grizzly, Havana | 2025-04-11 | 3.3 LOW | N/A |
|
The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges.
|
|||||
| CVE-2012-3426 | 1 Openstack | 3 Essex, Horizon, Keystone | 2025-04-11 | 4.9 MEDIUM | N/A |
|
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging possession of a token for a disabled user account, or (3) leveraging possession of a token for an account with a changed password.
|
|||||
| CVE-2013-1665 | 1 Openstack | 2 Folsom, Keystone Essex | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.
|
|||||
| CVE-2013-1977 | 1 Openstack | 1 Devstack | 2025-04-11 | 2.1 LOW | N/A |
|
OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.
|
|||||
| CVE-2013-1865 | 2 Canonical, Openstack | 2 Ubuntu Linux, Folsom | 2025-04-11 | 6.8 MEDIUM | N/A |
|
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.
|
|||||
| CVE-2012-5625 | 1 Openstack | 2 Folsom, Grizzly | 2025-04-11 | 4.3 MEDIUM | N/A |
|
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).
|
|||||
| CVE-2013-6858 | 3 Canonical, Openstack, Opensuse | 3 Ubuntu Linux, Horizon, Opensuse | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
|
|||||
| CVE-2013-4278 | 1 Openstack | 1 Compute | 2025-04-11 | 3.5 LOW | N/A |
|
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256.
|
|||||
| CVE-2013-4183 | 1 Openstack | 1 Cinder | 2025-04-11 | 2.1 LOW | N/A |
|
The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2013-6491 | 2 Openstack, Redhat | 2 Oslo, Openstack | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.
|
|||||
| CVE-2013-7048 | 1 Openstack | 1 Nova | 2025-04-11 | 3.3 LOW | N/A |
|
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
|
|||||
| CVE-2013-0247 | 2 Canonical, Openstack | 2 Ubuntu Linux, Keystone | 2025-04-11 | 5.0 MEDIUM | N/A |
|
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of log entries.
|
|||||
| CVE-2013-6384 | 1 Openstack | 1 Ceilometer | 2025-04-11 | 1.9 LOW | N/A |
|
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information (the DB2 or MongoDB password) by reading the log file.
|
|||||
| CVE-2013-0208 | 2 Canonical, Openstack | 3 Ubuntu Linux, Essex, Folsom | 2025-04-11 | 6.5 MEDIUM | N/A |
|
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.
|
|||||
| CVE-2013-2096 | 1 Openstack | 3 Folsom, Grizzly, Havana | 2025-04-11 | 2.1 LOW | N/A |
|
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data.
|
|||||
| CVE-2013-4294 | 1 Openstack | 1 Keystone | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token.
|
|||||
| CVE-2013-4463 | 1 Openstack | 3 Folsom, Grizzly, Havana | 2025-04-11 | 2.1 LOW | N/A |
|
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
|
|||||
| CVE-2022-47950 | 2 Debian, Openstack | 2 Debian Linux, Swift | 2025-04-04 | N/A | 6.5 MEDIUM |
|
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
|
|||||
| CVE-2022-3100 | 2 Openstack, Redhat | 5 Barbican, Enterprise Linux Eus, Openstack and 2 more | 2025-04-03 | N/A | 5.9 MEDIUM |
|
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
|
|||||
| CVE-2022-47951 | 2 Debian, Openstack | 4 Debian Linux, Cinder, Glance and 1 more | 2025-03-31 | N/A | 5.7 MEDIUM |
|
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
|
|||||
| CVE-2024-29156 | 1 Openstack | 2 Murano, Yaql | 2025-03-25 | N/A | 6.5 MEDIUM |
|
In OpenStack Murano through 16.0.0, when YAQL before 3.0.0 is used, the Murano service's MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information.
|
|||||
| CVE-2022-3277 | 2 Openstack, Redhat | 2 Neutron, Openstack Platform | 2025-03-07 | N/A | 6.5 MEDIUM |
|
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
|
|||||
| CVE-2022-4134 | 2 Openstack, Redhat | 2 Glance, Openstack | 2025-03-06 | N/A | 2.8 LOW |
|
A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.
|
|||||
| CVE-2017-18017 | 9 Arista, Canonical, Debian and 6 more | 29 Eos, Ubuntu Linux, Debian Linux and 26 more | 2025-01-03 | 10.0 HIGH | 9.8 CRITICAL |
|
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
|
|||||
| CVE-2024-1141 | 1 Openstack | 1 Glance-store | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
|
|||||
| CVE-2023-1636 | 2 Openstack, Redhat | 2 Barbican, Openstack Platform | 2024-11-21 | N/A | 6.0 MEDIUM |
|
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.
|
|||||
| CVE-2023-1633 | 2 Openstack, Redhat | 2 Barbican, Openstack Platform | 2024-11-21 | N/A | 6.6 MEDIUM |
|
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.
|
|||||
| CVE-2023-1625 | 2 Openstack, Redhat | 2 Heat, Openstack Platform | 2024-11-21 | N/A | 7.4 HIGH |
|
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
|
|||||
| CVE-2022-45582 | 1 Openstack | 1 Horizon | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.
|
|||||
| CVE-2022-3146 | 2 Openstack, Redhat | 3 Tripleo Ansible, Openstack, Openstack For Ibm Power | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.
|
|||||
| CVE-2022-3101 | 2 Openstack, Redhat | 3 Tripleo Ansible, Openstack, Openstack For Ibm Power | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
|
|||||