Lucene search
K

10 matches found

OSV
OSV
added 2026/06/16 9:32 p.m.2 views

GHSA-MFG3-P6M3-GJGR OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints

Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...

5.4CVSS5.3AI score0.00272EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2026/06/16 9:32 p.m.10 views

OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints

Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...

8.5CVSS5.2AI score0.00272EPSS
Exploits1References9Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-4018

Malware in sbrugna...

3.5CVSS6.1AI score0.01799EPSS
Exploits0References9
Debian
Debian
added 2015/05/26 7:41 a.m.62 views

[BSA-107] Security Update for horizon

Thomas Goirand uploaded new packages for horizon which fixed the following security problem: CVE-2015-3988: Sunil Yadav from IBM Security Services reported a persistent XSS in Horizon. An authenticated user may conduct a persistent XSS attack by setting a malicious metadata to a Glance image, a...

3.5CVSS5.9AI score0.01799EPSS
Exploits0
OSV
OSV
added 2015/05/19 6:59 p.m.2 views

DEBIAN-CVE-2015-3988

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...

3.5CVSS5.6AI score0.01799EPSS
Exploits0References1
NVD
NVD
added 2015/05/19 6:59 p.m.31 views

CVE-2015-3988

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...

3.5CVSS5.3AI score0.01799EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2015/05/19 6:59 p.m.25 views

CVE-2015-3988

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...

3.5CVSS5.9AI score0.01799EPSS
Exploits0References3
Prion
Prion
added 2015/05/19 6:59 p.m.27 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...

3.5CVSS5.6AI score0.01799EPSS
Exploits0References6Affected Software2
Debian CVE
Debian CVE
added 2015/05/19 6:0 p.m.43 views

CVE-2015-3988

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...

3.5CVSS5.4AI score0.01799EPSS
Exploits0
Cvelist
Cvelist
added 2015/05/19 6:0 p.m.37 views

CVE-2015-3988

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...

5.3AI score0.01799EPSS
Exploits0References6
Rows per page
Query Builder