OpenStack Murano Code Execution

OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...

GHSA-7F2C-VP52-GMFW OpenStack keystonemiddleware does not verify certificate

OpenStack keystonemiddleware formerly python-keystoneclient 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct man-in-the-middle...

OpenStack keystonemiddleware does not verify certificate

OpenStack keystonemiddleware formerly python-keystoneclient 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct man-in-the-middle...

GHSA-GVJG-R9FV-7QX9 OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service

OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...

OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service

OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...

GHSA-Q73F-VJC2-3GQF OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

GHSA-5XRJ-GHHP-HX7P OpenStack Image Service (Glance) vulnerable to Improper Access Control

OpenStack Image Service Glance before 2015.1.3 kilo and 11.0.x before 11.0.2 liberty, when showmultiplelocations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image...

OpenStack Image Service (Glance) vulnerable to Improper Access Control

OpenStack Image Service Glance before 2015.1.3 kilo and 11.0.x before 11.0.2 liberty, when showmultiplelocations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image...

GHSA-F82M-W3P3-CGP3 OpenStack Identity Keystone Improper Access Control

The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...

OpenStack Identity Keystone Improper Access Control

The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...

GHSA-9PP3-CVMQ-9P22 OpenStack Neutron Intended MAC-spoofing protection mechanism bypass

The IPTables firewall in OpenStack Neutron up to 7.0.4 and 8.x before 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffic...

OpenStack Neutron Intended MAC-spoofing protection mechanism bypass

The IPTables firewall in OpenStack Neutron up to 7.0.4 and 8.x before 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffic...

GHSA-972C-CFV8-2HQ8 OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

GHSA-FXWR-2VXM-CG7P OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

GHSA-J4MH-9WQ6-8RG6 OpenStack Glance Bypass the storage quota and Denial of service

OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting an image in the saving state...

OpenStack Glance Bypass the storage quota and Denial of service

OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting an image in the saving state...

keystonemiddleware (>=1.3.2 <=1.5.3), python-ceilometerclient (>=1.0.14 <=1.1.2) +7 more potentially affected by CVE-2015-1852 via python-keystoneclient (>=1.1.0 <=1.3.4)

python-keystoneclient PYPI version =1.1.0, =1.3.2, =1.0.14, =1.1.2, =0.14.3, =0.9.4, =0.5.8, =2.23.2, =1.0.4, =1.0.5 Source cves: CVE-2015-1852 Source advisory: OSV:GHSA-P9WQ-MJH8-Q72M...