Cross site request forgery (csrf)

OpenStack Compute Nova before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service CPU consumption via an IP filter in a list active servers API request...

CVE-2014-3708

OpenStack Compute Nova before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service CPU consumption via an IP filter in a list active servers API request...

CVE-2014-8333

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

CVE-2014-8333

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

CVE-2014-8333

CVE-2014-8333 affects the VMware driver in OpenStack Compute (Nova) prior to 2014.1.4. An authenticated user can trigger a denial-of-service (disk consumption) by deleting an instance that is in the resize state, causing backend resource exhaustion. Remediation reported in associated advisories: ...

CVE-2014-8333

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

CVE-2014-3708

OpenStack Compute Nova before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service CPU consumption via an IP filter in a list active servers API request...

CVE-2014-3708

CVE-2014-3708 affects OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1. The vulnerability arises from how an IP filter is processed in the list active servers API request, allowing remote authenticated users to cause a denial of service (CPU consumption). Public advisories (R...

CVE-2014-3708

OpenStack Compute Nova before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service CPU consumption via an IP filter in a list active servers API request...

PT-2014-5463 · Openstack · Openstack Compute

Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions prior to 2014.1.4 OpenStack Compute Nova versions 2014.2.x prior to 2014.2.1 Description: The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by exploiting an...

CVE-2014-3520

OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request...

CVE-2014-3520

OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request...

Cross site request forgery (csrf)

OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request...

CVE-2014-3520

OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request...

CVE-2014-3520

CVE-2014-3520 affects OpenStack Identity (Keystone) where, in V2 API trust handling, a remote authenticated trustee can gain access to an unauthorized project by supplying the project ID in a trust token request. Affected versions include Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno...

CVE-2014-3520

OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request...

openstack-glance: Glance store disk space exhaustion

It was discovered that the imagesizecap configuration option in glance was not honored. An authenticated user could use this flaw to upload an image to glance and consume all available storage space, resulting in a denial of service...

Moderate: Red Hat Security Advisory: openstack-glance security and bug fix update

Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...

Moderate: Red Hat Security Advisory: openstack-neutron security and bug fix update

Updated openstack-neutron packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

Important: Red Hat Security Advisory: openstack-keystone security and bug fix update

Updated openstack-keystone packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...