VYPR

Folsom

by OpenStack

Source repositories

CVEs (25)

  • CVE-2012-4573Nov 11, 2012
    risk 0.00cvss epss 0.03

    The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.

  • CVE-2012-3447Aug 20, 2012
    risk 0.00cvss epss 0.02

    virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability…

  • CVE-2012-3361Jul 22, 2012
    risk 0.00cvss epss 0.03

    virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.

  • CVE-2012-3360Jul 22, 2012
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute…

  • CVE-2012-3371Jul 17, 2012
    risk 0.00cvss epss 0.02

    The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many…

Page 2 of 2