Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2014:0941
HistoryJul 24, 2014 - 12:00 a.m.

(RHSA-2014:0941) Moderate: openstack-swift security update

2014-07-2400:00:00
access.redhat.com
17

0.003 Low

EPSS

Percentile

66.4%

JSON

OpenStack Object Storage (Swift) provides object storage in virtual
containers, which allows users to store and retrieve files (arbitrary
data).

It was found that Swift did not escape all HTTP header values, allowing
data to be injected into the responses sent from the Swift server. This
could lead to cross-site scripting attacks (and possibly other impacts) if
a user were tricked into clicking on a malicious URL. (CVE-2014-3497)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges the Globo.com Security Team as the original reporter.

All users of openstack-swift are advised to upgrade to these updated
packages, which correct this issue. After installing this update, the
OpenStack Object Storage services will be restarted automatically.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchpython-swiftclient< 2.1.0-2.el7ostpython-swiftclient-2.1.0-2.el7ost.noarch.rpm
RedHat7noarchopenstack-swift-proxy< 1.13.1-3.el7ostopenstack-swift-proxy-1.13.1-3.el7ost.noarch.rpm
RedHat7srcpython-swiftclient< 2.1.0-2.el7ostpython-swiftclient-2.1.0-2.el7ost.src.rpm
RedHat7noarchopenstack-swift-doc< 1.13.1-3.el7ostopenstack-swift-doc-1.13.1-3.el7ost.noarch.rpm
RedHat7srcopenstack-swift< 1.13.1-3.el7ostopenstack-swift-1.13.1-3.el7ost.src.rpm
RedHat7noarchopenstack-swift-container< 1.13.1-3.el7ostopenstack-swift-container-1.13.1-3.el7ost.noarch.rpm
RedHat7noarchopenstack-swift< 1.13.1-3.el7ostopenstack-swift-1.13.1-3.el7ost.noarch.rpm
RedHat7noarchopenstack-swift-object< 1.13.1-3.el7ostopenstack-swift-object-1.13.1-3.el7ost.noarch.rpm
RedHat7noarchpython-swiftclient-doc< 2.1.0-2.el7ostpython-swiftclient-doc-2.1.0-2.el7ost.noarch.rpm
RedHat7noarchopenstack-swift-account< 1.13.1-3.el7ostopenstack-swift-account-1.13.1-3.el7ost.noarch.rpm

Related

cve 1
ubuntu 1
ubuntucve 1
prion 1
osv 1
nessus 2
nvd 1
ibm 1
veracode 1
openvas 1
cvelist 1
github 1
debiancve 1
securityvulns 1
cve
cve
CVE-2014-3497
2014-07-03 17:55:06
ubuntu
ubuntu
Swift vulnerability
2014-06-25 00:00:00
ubuntucve
ubuntucve
CVE-2014-3497
2014-06-20 00:00:00
prion
prion
Cross site scripting
2014-07-03 17:55:00
osv
osv
OpenStack Swift Cross-site Scriping vulnerability
2022-05-17 04:04:46
nessus
nessus
RHEL 7 : openstack-swift (RHSA-2014:0941)
2024-04-24 00:00:00
Ubuntu 14.04 LTS : Swift vulnerability (USN-2256-1)
2014-06-26 00:00:00
nvd
nvd
CVE-2014-3497
2014-07-03 17:55:06
ibm
ibm
Security Bulletin: IBM Cloud Manager with Openstack XSS in Swift vulnerability (CVE-2014-3497)
2018-08-08 04:13:55
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:57:43
openvas
openvas
Ubuntu: Security Advisory (USN-2256-1)
2014-07-01 00:00:00
cvelist
cvelist
CVE-2014-3497
2014-07-03 17:00:00
github
github
OpenStack Swift Cross-site Scriping vulnerability
2022-05-17 04:04:46
debiancve
debiancve
CVE-2014-3497
2014-07-03 17:55:06
securityvulns
securityvulns
OpenStack multiple security vulnerabilities
2014-08-24 00:00:00

0.003 Low

EPSS

Percentile

66.4%

JSON
Related for RHSA-2014:0941
cve1ubuntu1ubuntucve1prion1osv1nessus2nvd1ibm1veracode1openvas1cvelist1github1debiancve1securityvulns1