Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4202HistorySep 16, 2013 - 7:14 p.m.
CVE-2013-4202
2013-09-1619:14:00
Debian Security Bug Tracker
security-tracker.debian.org
13
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cinder | < 2013.1.2-4 | cinder_2013.1.2-4_all.deb |
| Debian | 11 | all | cinder | < 2013.1.2-4 | cinder_2013.1.2-4_all.deb |
| Debian | 10 | all | cinder | < 2013.1.2-4 | cinder_2013.1.2-4_all.deb |
| Debian | 999 | all | cinder | < 2013.1.2-4 | cinder_2013.1.2-4_all.deb |
Related
ubuntucve
ubuntucve
github
github
OpenStack Cinder Denial of Service using XML entities
2022-05-14 01:58:45
prion
prion
Design/Logic Flaw
2013-09-16 19:14:00
Code injection
2013-04-03 00:55:00
Security feature bypass
2013-09-16 19:14:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:48:39
Denial Of Service (DoS)
2019-01-15 09:00:49
XML External Entity (XXE)
2019-05-02 04:44:12
redhat
redhat
(RHSA-2013:1198) Moderate: openstack-cinder security update
2013-09-03 00:00:00
(RHSA-2013:0658) Moderate: openstack-cinder security and enhancement update
2013-03-21 00:00:00
securityvulns
securityvulns
[USN-1734-1] OpenStack Nova vulnerability
2013-02-24 00:00:00
[USN-1731-1] OpenStack Cinder vulnerability
2013-02-24 00:00:00
[USN-1730-1] OpenStack Keystone vulnerabilities
2013-02-24 00:00:00
openvas
openvas
Ubuntu Update for nova USN-1734-1
2013-02-22 00:00:00
Ubuntu Update for cinder USN-1731-1
2013-02-22 00:00:00
Ubuntu: Security Advisory (USN-1731-1)
2013-02-22 00:00:00
debiancve
debiancve
CVE-2013-1664
2013-04-03 00:55:00
CVE-2013-4179
2013-09-16 19:14:00
nessus
nessus
Ubuntu 12.10 : cinder vulnerability (USN-1731-1)
2013-02-21 00:00:00
Ubuntu 11.10 / 12.04 LTS / 12.10 : nova vulnerability (USN-1734-1)
2013-02-22 00:00:00
RHEL 6 : openstack-cinder (RHSA-2013:1198)
2024-04-21 00:00:00
ubuntu
ubuntu
OpenStack Cinder vulnerability
2013-02-21 00:00:00
OpenStack Nova vulnerability
2013-02-21 00:00:00
OpenStack Keystone vulnerabilities
2013-02-20 00:00:00
osv
osv
freebsd
freebsd
django -- multiple vulnerabilities
2013-02-21 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.3-3.fc18
2013-03-04 22:39:17
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.3-5.fc18
2013-04-08 22:52:02
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.4-3.fc18
2013-05-22 01:29:47
gentoo
gentoo
libxml2: Multiple vulnerabilities
2013-11-10 00:00:00
AMD64 x86 emulation base libraries: Multiple vulnerabilities
2014-12-12 00:00:00