10 matches found
GHSA-MFG3-P6M3-GJGR OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints
Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...
OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints
Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...
EUVD-2015-4018
Malware in sbrugna...
[BSA-107] Security Update for horizon
Thomas Goirand uploaded new packages for horizon which fixed the following security problem: CVE-2015-3988: Sunil Yadav from IBM Security Services reported a persistent XSS in Horizon. An authenticated user may conduct a persistent XSS attack by setting a malicious metadata to a Glance image, a...
DEBIAN-CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...