Swift@1.11.0 Security Vulnerabilities and Issues — Swift@1.11.0 CVE List

Lucene search

OpenstackSwift1.11.0

3 matches found

CVE•added 2014/07/03 5:55 p.m.•74 views

CVE-2014-3497

Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header.

4.3CVSS5.5AI score0.00445EPSS

CVE•added 2014/01/23 1:55 a.m.•59 views

CVE-2014-0006

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.

4.3CVSS6.3AI score0.00262EPSS

CVE•added 2014/02/18 7:55 p.m.•44 views

CVE-2013-6396

The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8CVSS5.8AI score0.00137EPSS