SecurityAdvisories/Diablo

= Diablo Security Advisories =

{| border="1" cellpadding="2" cellspacing="0"
 * Product
 * Openstack Security Advisory
 * CVE Number
 * Title
 * Impact
 * Nova
 * 2011-001
 * 2011-4596
 * Path traversal issues registering malicious images using EC2 API
 * High
 * Nova
 * 2012-001
 * 2012-0030
 * Tenant bypass by authenticated users using OpenStack API
 * Critical
 * Keystone
 * 2012-002
 * 2012-1572
 * Extremely long passwords can crash Keystone
 * High
 * Nova
 * 2012-003
 * 2012-1585
 * Long server names grow nova-api log files significantly
 * High
 * Nova
 * 2012-005
 * 2012-2101
 * No quota enforced on security group rules
 * High
 * Nova
 * 2012-007
 * 2012-2654
 * Security groups fail to be set correctly
 * Medium
 * rowspan=2 |Nova
 * rowspan=2 |2012-008
 * 2012-3360
 * rowspan=2 |Arbitrary file injection/corruption through directory traversal issues
 * rowspan=2 |Critical
 * Nova
 * 2012-011
 * 2012-3447
 * Compute node filesystem injection/corruption
 * Critical
 * rowspan=2 |Arbitrary file injection/corruption through directory traversal issues
 * rowspan=2 |Critical
 * Nova
 * 2012-011
 * 2012-3447
 * Compute node filesystem injection/corruption
 * Critical
 * Compute node filesystem injection/corruption
 * Critical