VYPR

Openstack

by Red Hat

Source repositories

CVEs (107)

  • CVE-2013-4261Oct 29, 2013
    risk 0.00cvss epss 0.02

    OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using…

  • CVE-2013-4185Oct 29, 2013
    risk 0.00cvss epss 0.02

    Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via…

  • CVE-2013-4222Sep 30, 2013
    risk 0.00cvss epss 0.02

    OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

  • CVE-2013-4182Sep 16, 2013
    risk 0.00cvss epss 0.02

    app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.

  • CVE-2013-4180Sep 16, 2013
    risk 0.00cvss epss 0.02

    The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol.

  • CVE-2013-2882Jul 31, 2013
    risk 0.00cvss epss 0.02

    Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."

  • CVE-2012-6120Apr 10, 2013
    risk 0.00cvss epss 0.00

    Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.

Page 6 of 6