7817 matches found
GHSA-7F2C-VP52-GMFW OpenStack keystonemiddleware does not verify certificate
OpenStack keystonemiddleware formerly python-keystoneclient 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct man-in-the-middle...
OpenStack keystonemiddleware does not verify certificate
OpenStack keystonemiddleware formerly python-keystoneclient 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct man-in-the-middle...
GHSA-GVJG-R9FV-7QX9 OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...
OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...
GHSA-Q73F-VJC2-3GQF OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file
The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...
OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file
The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...
GHSA-5XRJ-GHHP-HX7P OpenStack Image Service (Glance) vulnerable to Improper Access Control
OpenStack Image Service Glance before 2015.1.3 kilo and 11.0.x before 11.0.2 liberty, when showmultiplelocations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image...
OpenStack Image Service (Glance) vulnerable to Improper Access Control
OpenStack Image Service Glance before 2015.1.3 kilo and 11.0.x before 11.0.2 liberty, when showmultiplelocations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image...
GHSA-F82M-W3P3-CGP3 OpenStack Identity Keystone Improper Access Control
The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...
OpenStack Identity Keystone Improper Access Control
The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...
GHSA-9PP3-CVMQ-9P22 OpenStack Neutron Intended MAC-spoofing protection mechanism bypass
The IPTables firewall in OpenStack Neutron up to 7.0.4 and 8.x before 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffic...
OpenStack Neutron Intended MAC-spoofing protection mechanism bypass
The IPTables firewall in OpenStack Neutron up to 7.0.4 and 8.x before 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffic...
GHSA-972C-CFV8-2HQ8 OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
GHSA-FXWR-2VXM-CG7P OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
GHSA-J4MH-9WQ6-8RG6 OpenStack Glance Bypass the storage quota and Denial of service
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting an image in the saving state...
OpenStack Glance Bypass the storage quota and Denial of service
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting an image in the saving state...
keystonemiddleware (>=1.3.2 <=1.5.3), python-ceilometerclient (>=1.0.14 <=1.1.2) +7 more potentially affected by CVE-2015-1852 via python-keystoneclient (>=1.1.0 <=1.3.4)
python-keystoneclient PYPI version =1.1.0, =1.3.2, =1.0.14, =1.1.2, =0.14.3, =0.9.4, =0.5.8, =2.23.2, =1.0.4, =1.0.5 Source cves: CVE-2015-1852 Source advisory: OSV:GHSA-P9WQ-MJH8-Q72M...
GHSA-P9WQ-MJH8-Q72M OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...