Lucene search
K
RedhatOpenstack

4 matches found

CVE
CVE
added 2014/11/01 11:0 p.m.123 views

CVE-2014-3615

CVE-2014-3615 concerns the VGA emulator in QEMU. The issue allows a privileged guest (local to the host) to read host memory by setting the display to a high resolution, due to a memory-access flaw in VGA emulation. Public context in connected advisories confirms this was addressed by backporting...

2.1CVSS6.1AI score0.0045EPSS
CVE
CVE
added 2023/03/06 12:0 a.m.96 views

CVE-2022-4134

CVE-2022-4134 affects OpenStack Glance. A flaw allows a remote, authenticated attacker to tamper with uploaded images, compromising the integrity of virtual machines created from those images. The available sources describe the vulnerable component as openstack-glance and confirm the impact is im...

2.8CVSS3.6AI score0.00323EPSS
CVE
CVE
added 2014/10/08 7:0 p.m.70 views

CVE-2014-7231

OpenStack Oslo utility library issue CVE-2014-7231 affects Cinder, Nova, and Trove before versions 2013.2.4 and 2014.1 before 2014.1.3. The strutils.mask_password() function did not properly mask passwords in command logs, enabling a local user with read access to logs to retrieve passwords. Reme...

2.1CVSS6.1AI score0.00528EPSS
CVE
CVE
added 2014/10/08 7:0 p.m.68 views

CVE-2014-7230

CVE-2014-7230 affects OpenStack components (oslo-incubator, Cinder, Nova, Trove). The vulnerability arises in processutils.execute where certain commands that trigger a ProcessExecutionError may write passwords to logs, allowing local attackers to read them. Mitigations involve upgrading to upstr...

2.1CVSS6.1AI score0.00469EPSS