Openstack Security Vulnerabilities and Issues — Openstack CVE List

Lucene search

RedhatOpenstack

4 matches found

CVE•added 2014/11/01 11:55 p.m.•92 views

CVE-2014-3615

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.

2.1CVSS6.1AI score0.00092EPSS

CVE•added 2023/03/06 11:15 p.m.•76 views

CVE-2022-4134

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.

2.8CVSS3.6AI score0.00091EPSS

CVE•added 2014/10/08 7:55 p.m.•48 views

CVE-2014-7230

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.

2.1CVSS6.1AI score0.00123EPSS

CVE•added 2014/10/08 7:55 p.m.•48 views

CVE-2014-7231

The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.

2.1CVSS6.1AI score0.00157EPSS