403 matches found
PYSEC-2026-1708 OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...
PYSEC-2026-871 OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
The image parser in OpenStack Cinder prior to 7.0.2, and 8.0.0 and above, prior to 9.0.0; Glance prior to 14.00; and Nova prior to 12.0.4 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service memory and disk consumption via a crafted disk image. This iss...
Linux Distros Unpatched Vulnerability : CVE-2013-0266
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the puppetlabs-cinder module, as used in PackStack. This vulnerability is due to incorrect file permissions, specifically world-readable...
TencentOS Server 4: openstack-cinder (TSSA-2025:0077)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0077 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: openstack-glance (TSSA-2025:0076)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0076 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2013-0003
Malware in sbrugna...
EUVD-2017-6599
Malware in sbrugna...
EUVD-2020-0061
Malware in sbrugna...
EUVD-2013-1108
Malware in sbrugna...
EUVD-2022-4978
Malicious code in bioql PyPI...
EUVD-2022-3382
Malicious code in bioql PyPI...
EUVD-2023-33614
Malicious code in bioql PyPI...
EUVD-2022-4548
Malicious code in bioql PyPI...
EUVD-2023-0384
Malicious code in bioql PyPI...
EUVD-2022-3861
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-32498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2...
Linux Distros Unpatched Vulnerability : CVE-2020-10755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before...
Linux Distros Unpatched Vulnerability : CVE-2022-47951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before...
Linux Distros Unpatched Vulnerability : CVE-2017-15139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to...
RHEL 6 / 7 : openstack-cinder (RHSA-2015:1206)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1206 advisory. OpenStack Block Storage cinder manages block storage mounting and the presentation of such mounted block storage to instances. The backend physic...