CVE-2012-3447

OpenStack Compute (Nova) vulnerability affecting the 2012.1.x branch prior to 2012.1.2 and Folsom prior to Folsom-3. A remote authenticated user can overwrite arbitrary files via a symlink attack on a file inside an image that uses a symlink readable only by root. The issue stems from an incomple...

CVE-2013-4261

OpenStack Compute (Nova) Folsom, Grizzly, and earlier versions are affected when using the Apache Qpid RPC backend. The issue arises from improper error handling in messaging, allowing remote attackers to cause a denial of service via connection pool exhaustion by sending long strings to an insta...