OpenStack Swift vulnerability

ID USN-2207-1
Type ubuntu
Reporter Ubuntu
Modified 2014-05-06T00:00:00


Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients.