Openstack Security Vulnerabilities and Issues — Openstack CVE List

Lucene search

RedhatOpenstack

5 matches found

CVE•added 2018/10/08 3:29 p.m.•536 views

CVE-2018-1000807

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on t...

8.1CVSS8.4AI score0.04509EPSS

CVE•added 2018/10/08 3:29 p.m.•528 views

CVE-2018-1000808

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends up...

5.9CVSS6.5AI score0.00161EPSS

CVE•added 2018/10/09 10:29 p.m.•115 views

CVE-2018-17963

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.

9.8CVSS9.7AI score0.04723EPSS

CVE•added 2018/10/19 10:29 p.m.•73 views

CVE-2018-18438

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.

5.5CVSS7.1AI score0.0012EPSS

CVE•added 2018/10/31 1:29 p.m.•65 views

CVE-2016-2121

A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information.

5.5CVSS5.3AI score0.00073EPSS