CVE search results

11 – 14 of 14 results

Detailed view

Sort by:

CVE-2013-6491

Medium priority

Some fixes available 3 of 4

The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.

5 affected packages

cinder, keystone, neutron, nova, quantum

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cinder	—	—	—	—	—
keystone	—	—	—	—	—
neutron	—	—	—	—	—
nova	—	—	—	—	—
quantum	—	—	—	—	—

CVE-2013-4202

Medium priority

Fixed

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and...

1 affected package

cinder

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cinder	—	—	—	—	—

CVE-2013-4183

Medium priority

Fixed

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.

1 affected package

cinder

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cinder	—	—	—	—	—

CVE-2013-1664

Medium priority

Some fixes available 10 of 12

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to...

5 affected packages

cinder, keystone, nova, python-django, quantum

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cinder	—	—	—	—	—
keystone	—	—	—	—	—
nova	—	—	—	—	—
python-django	—	—	—	—	—
quantum	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports