Jump to: navigation, search

Difference between revisions of "SecurityAdvisories/Diablo"

m (Text replace - "__NOTOC__" to "")
 
Line 1: Line 1:
__NOTOC__
+
 
 
= Diablo Security Advisories =
 
= Diablo Security Advisories =
  

Latest revision as of 23:30, 17 February 2013

Diablo Security Advisories

Product Openstack Security Advisory CVE Number Title Impact
Nova 2011-001 2011-4596 Path traversal issues registering malicious images using EC2 API High
Nova 2012-001 2012-0030 Tenant bypass by authenticated users using OpenStack API Critical
Keystone 2012-002 2012-1572 Extremely long passwords can crash Keystone High
Nova 2012-003 2012-1585 Long server names grow nova-api log files significantly High
Nova 2012-005 2012-2101 No quota enforced on security group rules High
Nova 2012-007 2012-2654 Security groups fail to be set correctly Medium
Nova 2012-008 2012-3360 Arbitrary file injection/corruption through directory traversal issues Critical
Nova 2012-011 2012-3447 Compute node filesystem injection/corruption Critical