Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Compute
(Openstack)| Repositories | https://github.com/openstack/nova |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-09-16 | CVE-2013-4179 | The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. | Compute, Havana | N/A | ||
| 2013-09-16 | CVE-2013-4278 | The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256. | Compute | N/A |