2 matches found
RHEL 6 : rhevm (RHSA-2014:0814)
Updated rhevm packages that fix one security issue are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE link in the...
CVE-2014-3485
The CVE-2014-3485 issue affects oVirt’s ovirt-engine REST API (RHEV/RHEVM 3.4). Affected component: REST API handling within the ovirt-engine/JBoss server. Root cause: XML External Entity (XXE) processing flaw in XML API calls. Impact: remote authenticated users could read arbitrary files accessi...