Product
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Nova
|
2011-001
|
2011-4596
|
Path traversal issues registering malicious images using EC2 API
|
High
|
Nova
|
2012-001
|
2012-0030
|
Tenant bypass by authenticated users using OpenStack API
|
Critical
|
Keystone
|
2012-002
|
2012-1572
|
Extremely long passwords can crash Keystone
|
High
|
Nova
|
2012-003
|
2012-1585
|
Long server names grow nova-api log files significantly
|
High
|
Nova
|
2012-005
|
2012-2101
|
No quota enforced on security group rules
|
High
|
Nova
|
2012-007
|
2012-2654
|
Security groups fail to be set correctly
|
Medium
|
Nova
|
2012-008
|
2012-3360
|
Arbitrary file injection/corruption through directory traversal issues
|
Critical
|
Nova
|
2012-011
|
2012-3447
|
Compute node filesystem injection/corruption
|
Critical
|