Havana@havana-1 Security Vulnerabilities and Issues — Havana@havana-1 CVE List

Lucene search

OpenstackHavanahavana-1

3 matches found

CVE•added 2013/11/05 8:55 p.m.•56 views

CVE-2013-4497

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.

6.4CVSS6.6AI score0.00094EPSS

CVE•added 2013/09/16 7:14 p.m.•54 views

CVE-2013-4179

The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-16...

4.3CVSS6.5AI score0.05143EPSS

CVE•added 2013/12/27 1:55 a.m.•44 views

CVE-2013-2030

keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova ...

2.1CVSS6.1AI score0.00035EPSS