Lucene search
K

4 matches found

CVE
CVE
added 2016/10/07 2:0 p.m.101 views

CVE-2015-5162

CVE-2015-5162 affects OpenStack components OpenStack Cinder, Glance, and Nova where the image parser does not properly limit qemu-img calls. This can allow an unprivileged user to trigger a denial of service through crafted disk images, consuming RAM and disk space on the compute host. Affected v...

7.8CVSS7AI score0.03062EPSS
CVE
CVE
added 2016/04/12 2:0 p.m.89 views

CVE-2016-2140

CVE-2016-2140 concerns OpenStack Nova’s libvirt driver. When using raw storage with use_cow_images = false, crafted qcow2 headers could allow a remote authenticated user to read arbitrary files on the host via an ephemeral or root disk. The issue affects OpenStack Compute (Nova) releases prior to...

5.3CVSS5.1AI score0.02091EPSS
CVE
CVE
added 2016/01/12 7:0 p.m.78 views

CVE-2015-7548

CVE-2015-7548 affects OpenStack Nova (Kilo/liberty branch) and allows a local authenticated user to read host files by overwriting an instance disk with a crafted image and requesting a snapshot. The root cause is in the instance snapshot flow when using libvirt/early Nova code paths, enabling ar...

3.5CVSS4AI score0.01803EPSS
CVE
CVE
added 2016/01/15 7:0 p.m.63 views

CVE-2015-8749

CVE-2015-8749 affects OpenStack Nova (Compute) when using the Xen backend. The function volume_utils._parse_volume_info can cause the StorageError message to include the connection_info dictionary, potentially exposing sensitive password information via logs or other vectors. Affected versions: O...

5.9CVSS5.7AI score0.02221EPSS