Lucene search
K

6 matches found

Veracode
Veracode
added 2019/01/15 9:9 a.m.25 views

Arbitrary File Read

openstack-nova is vulnerable to arbitrary file read. A flaw was discovered in the OpenStack Compute nova snapshot feature when using the libvirt driver. A compute user could overwrite an attached instance disk with a malicious header specifying a backing file, and then request a snapshot, causing...

3.5CVSS4.6AI score0.01803EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/01/12 7:59 p.m.18 views

Stack overflow

OpenStack Compute Nova before 2015.1.3 kilo and 12.0.x before 12.0.1 liberty, when using libvirt to spawn instances and usecowimages is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot...

2.1CVSS6.7AI score0.01803EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/01/12 7:0 p.m.36 views

CVE-2015-7548

OpenStack Compute Nova before 2015.1.3 kilo and 12.0.x before 12.0.1 liberty, when using libvirt to spawn instances and usecowimages is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot...

4.7AI score0.01803EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/05/08 2:0 p.m.39 views

CVE-2014-0134

The instance rescue mode in OpenStack Compute Nova 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and usecowimages is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image...

5.9AI score0.01488EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/05/08 12:0 a.m.31 views

CVE-2014-0134

The instance rescue mode in OpenStack Compute Nova 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and usecowimages is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image...

3.5CVSS5.9AI score0.01488EPSS
Exploits0References2
CVE
CVE
added 2013/11/02 6:0 p.m.76 views

CVE-2013-4469

CVE-2013-4469 affects OpenStack Nova (Folsom, Grizzly, Havana) where use_cow_images=False allows a local attacker to cause a DoS by transferring a QCOW2 image with a large virtual size but little data, because the code does not verify the image’s virtual size. Root cause noted as an incomplete fi...

1.9CVSS6AI score0.00438EPSS
Exploits1References3Affected Software3
Rows per page
Query Builder