Essex Security Advisories
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Nova
|
July 3, 2012
|
Arbitrary file injection/corruption through directory traversal issues
|
Critial
|
Fixed in 2012.1.1
See ReleaseNotes/2012.1.1
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Horizon
|
April 17, 2012
|
2012-004
|
2012-2094
|
XSS vulnerability in Horizon log viewer
|
High
|
Nova
|
April 19, 2012
|
2012-005
|
2012-2101
|
No quota enforced on security group rules
|
High
|
Horizon
|
May 4, 2012
|
2012-006
|
2012-2144
|
Horizon session fixation and reuse
|
Critical
|
Nova
|
June 6, 2012
|
2012-007
|
2012-2654
|
Security groups fail to be set correctly
|
Medium
|