Havana Security Vulnerabilities and Issues — Havana CVE List

Lucene search

OpenstackHavana

3 matches found

CVE•added 2013/11/02 7:55 p.m.•67 views

CVE-2013-4477

The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges.

3.3CVSS6.3AI score0.00064EPSS

CVE•added 2013/11/02 6:55 p.m.•58 views

CVE-2013-4469

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not co...

1.9CVSS6AI score0.00062EPSS

CVE•added 2013/11/05 8:55 p.m.•56 views

CVE-2013-4497

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.

6.4CVSS6.6AI score0.00094EPSS