Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2015/07/02 9:30 p.m.5 views

openstack-cinder: Host file disclosure through qcow2 backing file

A flaw was found in the OpenStack Block Storage cinder upload-to-image functionality. When processing a malicious qcow2 header, cinder could be tricked into reading an arbitrary file from the cinder host...

6.8CVSS5.8AI score0.02618EPSS
Exploits0References4
CNVD
CNVD
added 2015/06/26 12:0 a.m.3 views

OpenStack Cinder Information Disclosure Vulnerability (CNVD-2015-04083)

Cinder is OpenStack's chunked storage service. A security vulnerability exists in OpenStack Cinder, which can be exploited by an authenticated remote user to read arbitrary files by using a constructed graphical qcow2 signature within the upload-to-image command...

6.8CVSS6.8AI score0.02618EPSS
Exploits0References1
OSV
OSV
added 2015/06/25 4:59 p.m.0 views

DEBIAN-CVE-2015-1851

OpenStack Cinder before 2014.1.5 icehouse, 2014.2.x before 2014.2.4 juno, and 2015.1.x before 2015.1.1 kilo allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command...

6.8CVSS6.7AI score0.02618EPSS
Exploits0References1
OSV
OSV
added 2015/06/25 12:0 a.m.3 views

UBUNTU-CVE-2015-1851

OpenStack Cinder before 2014.1.5 icehouse, 2014.2.x before 2014.2.4 juno, and 2015.1.x before 2015.1.1 kilo allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command...

6.8CVSS5.9AI score0.02618EPSS
Exploits0References5
Rows per page
Query Builder