2 matches found
Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-cinder) security update
An update for openstack-cinder is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
openstack: Arbitrary file access through custom VMDK flat descriptor
A flaw was found in OpenStack-nova, Openstack-glance, and Openstack-cinder. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized...