7799 matches found
openstack-heat: authenticated information leak in Heat
It was discovered that a user could temporarily be able to see the URL of a provider template used in another tenant. If the template itself could be accessed, then additional information could be leaked that would otherwise not be visible...
Moderate: Red Hat Security Advisory: openstack-heat security, bug fix, and enhancement update
Updated openstack-heat packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System...
Fedora 20 : openstack-glance-2013.2.4-1.fc20 (2014-11697)
Update to upstream 2013.2.4 Merge spec from el6-icehouse Security fix for CVE-2014-5356 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
Fedora Update for openstack-glance FEDORA-2014-11697
Check the version of openstack-glance SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868414";...
[SECURITY] Fedora 20 Update: openstack-glance-2013.2.4-1.fc20
OpenStack Image Service code-named Glance provides discovery, registratio n, and delivery services for virtual disk images. The Image Service API server provides a standard REST interface for querying information about virtual d isk images stored in a variety of back-end stores, including OpenSta...
CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
DEBIAN-CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
Design/Logic Flaw
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
CVE-2014-7960
CVE-2014-7960 affects OpenStack Object Storage (Swift) before 2.2.0. A vulnerability in metadata constraints allows remote authenticated users to bypass max_meta_count and related limits by issuing multiple crafted requests that exceed the configured threshold. The issue is confirmed in multiple ...
CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
UBUNTU-CVE-2014-7960
OpenStack Object Storage Swift before 2.2.0 allows remote authenticated users to bypass the maxmetacount and other metadata constraints via multiple crafted requests which exceed the limit when combined...
SUSE-RU-2015:0462-1 Recommended update for crowbar-barclamp-nova_dashboard
This update for crowbar-barclamp-novadashboard provides stability fixes from the upstream OpenStack project: Use a host specific memcache key for djangocompressor bnc894070 Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook. Use helpers from new crowbar-openstack...
CVE-2014-8750
Race condition in the VMware driver in OpenStack Compute Nova before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances...
CVE-2014-8750
Race condition in the VMware driver in OpenStack Compute Nova before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances...
Race condition
Race condition in the VMware driver in OpenStack Compute Nova before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances...
CVE-2014-8750
CVE-2014-8750 is a race condition in the OpenStack Nova VMware driver related to VNC port allocation. An authenticated user could cause two instances to receive the same VNC port, potentially exposing unauthorized consoles across tenants. Affected setups are those using the VMware driver with the...
CVE-2014-8750
Race condition in the VMware driver in OpenStack Compute Nova before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances...