rpm package
suse/openstack-keystone-doc&distro=SUSE OpenStack Cloud 5
pkg:rpm/suse/openstack-keystone-doc&distro=SUSE%20OpenStack%20Cloud%205
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-7548 | Low | 3.5 | < 2014.2.4.juno-17.2 | 2014.2.4.juno-17.2 | Jan 12, 2016 | OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesti | |
| CVE-2015-3646 | — | < 2014.2.4.juno-17.2 | 2014.2.4.juno-17.2 | May 12, 2015 | OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs. | ||
| CVE-2014-9684 | — | < 2014.2.4.dev5-11.12 | 2014.2.4.dev5-11.12 | Feb 24, 2015 | OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting the |
- affected < 2014.2.4.juno-17.2fixed 2014.2.4.juno-17.2
OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesti
- CVE-2015-3646May 12, 2015affected < 2014.2.4.juno-17.2fixed 2014.2.4.juno-17.2
OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs.
- CVE-2014-9684Feb 24, 2015affected < 2014.2.4.dev5-11.12fixed 2014.2.4.dev5-11.12
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting the