Search CVE reports


Toggle filters

11 – 17 of 17 results


CVE-2014-7960

Low priority
Fixed

OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined.

1 affected package

swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
swift
Show less packages

CVE-2014-3497

Medium priority
Fixed

Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header.

1 affected package

swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
swift
Show less packages

CVE-2013-6396

Low priority
Ignored

The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...

1 affected package

python-swiftclient

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-swiftclient
Show less packages

CVE-2014-0006

Medium priority

Some fixes available 3 of 4

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.

1 affected package

swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
swift
Show less packages

CVE-2013-4155

Medium priority
Fixed

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is...

1 affected package

swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
swift
Show less packages

CVE-2013-2161

Low priority
Fixed

XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name.

1 affected package

swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
swift
Show less packages

CVE-2012-4406

Low priority

Some fixes available 1 of 3

OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.

1 affected package

swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
swift
Show less packages