7799 matches found
openstack-glance: Glance image status manipulation through locations
An authorization vulnerability in OpenStack Image service was discovered, which allowed image-status manipulation using locations. By removing the last location of an image, an authenticated user could change the status from 'active' to 'queue'. A malicious tenant could exploit this flaw to...
Low: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Low: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
RHEL 6 : Storage Server (RHSA-2016:0329)
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
RHEL 7 : Storage Server (RHSA-2016:0328)
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
openstack-swift: Information leak via Swift tempurls
A flaw was discovered in the OpenStack Object Storage service swift TempURLs. An attacker in possession of a TempURL key with PUT permissions could gain read access to other objects in the same project tenant...
openstack-swift: Proxy to server DoS through Large Objects
A memory-leak issue was found in OpenStack Object Storage swift, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
openstack-swift: Client to proxy DoS through Large Objects
A memory-leak issue was found in OpenStack Object Storage swift, in the client-to-proxy connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...
openstack-swift: Information leak via Swift tempurls
A flaw was discovered in the OpenStack Object Storage service swift TempURLs. An attacker in possession of a TempURL key with PUT permissions could gain read access to other objects in the same project tenant...
openstack-swift: Proxy to server DoS through Large Objects
A memory-leak issue was found in OpenStack Object Storage swift, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
openstack-swift: Client to proxy DoS through Large Objects
A memory-leak issue was found in OpenStack Object Storage swift, in the client-to-proxy connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...
openstack-glance: Glance image status manipulation through locations
An authorization vulnerability in OpenStack Image service was discovered, which allowed image-status manipulation using locations. By removing the last location of an image, an authenticated user could change the status from 'active' to 'queue'. A malicious tenant could exploit this flaw to...
Low: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
OpenStack Glance Security Bypass Vulnerability
OpenStack is a cloud platform management project. glance is one of the projects that can store, query and retrieve virtual machine images. A security vulnerability exists in OpenStack Glanc that allows an attacker to exploit the vulnerability to bypass security restrictions and perform unauthoriz...
openstack-heat: Vulnerability in Heat template validation leading to DoS
A vulnerability was discovered in the OpenStack Orchestration service heat, where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use...
Moderate: Red Hat Security Advisory: openstack-heat bug fix and security advisory
Updated openstack-heat packages that fix one security issue and resolve various bugs are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...
OpenStack Compliance Checks
Binary data openstackcompliancecheck.nbin...
OpenStack Settings
Binary data openstacksettings.nbin...