Difference between revisions of "SecurityAdvisories/Diablo"
Line 38: | Line 38: | ||
| No quota enforced on security group rules | | No quota enforced on security group rules | ||
| High | | High | ||
+ | |- | ||
+ | | Nova | ||
+ | | [https://lists.launchpad.net/openstack/msg12883.html 2012-007] | ||
+ | | 2012-2654 | ||
+ | | Security groups fail to be set correctly | ||
+ | | Medium |
Revision as of 07:31, 7 June 2012
Diablo Security Advisories
Product | Openstack Security Advisory | CVE Number | Title | Impact |
Nova | 2011-001 | 2011-4596 | Path traversal issues registering malicious images using EC2 API | High |
Nova | 2012-001 | 2012-0030 | Tenant bypass by authenticated users using OpenStack API | Critical |
Keystone | 2012-002 | 2012-1572 | Extremely long passwords can crash Keystone | High |
Nova | 2012-003 | 2012-1585 | Long server names grow nova-api log files significantly | High |
Nova | 2012-005 | 2012-2101 | No quota enforced on security group rules | High |
Nova | 2012-007 | 2012-2654 | Security groups fail to be set correctly | Medium |