User contributions
(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)
- 19:51, 9 June 2016 (diff | hist) . . (-10) . . Security Notes (→Published Security Notes)
- 19:49, 9 June 2016 (diff | hist) . . (+2,402) . . N OSSN/OSSN-0063 (Created page with "__NOTOC__ == Nova and Cinder key manager for Barbican misuses cached credentials == === Summary === During the Icehouse release the Cinder and Nova projects added a feature t...")
- 20:56, 25 January 2016 (diff | hist) . . (+10) . . OSSN/OSSN-0060 (→Contacts / References)
- 20:55, 25 January 2016 (diff | hist) . . (-6) . . Security Notes (→Published Security Notes)
- 23:00, 15 December 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 23:00, 15 December 2015 (diff | hist) . . (+2,957) . . N OSSN/OSSN-0062 (Created page with "__NOTOC__ == Potential reuse of revoked Identity tokens == === Summary === An authorization token issued by the Identity service can be revoked, which is designed to immediat...")
- 22:43, 15 December 2015 (diff | hist) . . (+15) . . Security Notes (→Published Security Notes)
- 22:39, 15 December 2015 (diff | hist) . . (-5) . . Security Notes (→Published Security Notes)
- 22:38, 15 December 2015 (diff | hist) . . (+1,677) . . OSSN/OSSN-0061
- 20:23, 15 December 2015 (diff | hist) . . (+108) . . Security Notes (→Published Security Notes)
- 21:33, 16 November 2015 (diff | hist) . . (-11) . . Security Notes
- 21:33, 16 November 2015 (diff | hist) . . (+1,812) . . OSSN/OSSN-0059
- 22:08, 15 October 2015 (diff | hist) . . (-153) . . Security Notes (→Published Security Notes)
- 22:07, 15 October 2015 (diff | hist) . . (+2,218) . . N OSSN/OSSN-0057 (Created page with "__NOTOC__ == DoS attack on Glance service can lead to interruption or disruption == === Summary === The typical Glance workflow allows authenticated users to create an image...")
- 19:39, 23 September 2015 (diff | hist) . . (-72) . . OSSN/OSSN-0033 (→Contacts / References)
- 19:38, 23 September 2015 (diff | hist) . . (+271) . . OSSN/OSSN-0033 (→Contacts / References)
- 19:21, 23 September 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 19:20, 23 September 2015 (diff | hist) . . (+3,103) . . OSSN/OSSN-0053
- 02:21, 18 September 2015 (diff | hist) . . (-12) . . Security Notes
- 02:20, 18 September 2015 (diff | hist) . . (+2,569) . . OSSN/OSSN-0056
- 21:16, 17 September 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 21:16, 17 September 2015 (diff | hist) . . (+2,512) . . OSSN/OSSN-0058
- 21:08, 17 September 2015 (diff | hist) . . (-24) . . Security Notes (→Published Security Notes)
- 21:07, 17 September 2015 (diff | hist) . . (+2,115) . . N OSSN/OSSN-0054 (Created page with "__NOTOC__ == Potential Denial of Service in Horizon login == === Summary === Horizon uses the Python based Django web framework. Older versions of this framework allow an una...")
- 18:41, 17 September 2015 (diff | hist) . . (+1) . . Security Notes (→Published Security Notes)
- 18:38, 17 September 2015 (diff | hist) . . (+10) . . OSSN/OSSN-0055
- 18:27, 17 September 2015 (diff | hist) . . (+5) . . Security Notes (→Published Security Notes)
- 18:26, 17 September 2015 (diff | hist) . . (+1,515) . . OSSN/OSSN-0052
- 13:46, 7 July 2015 (diff | hist) . . (+1) . . m OSSN/OSSN-0049 (→Discussion)
- 13:43, 7 July 2015 (diff | hist) . . (-12) . . Security Notes (→Published Security Notes)
- 13:42, 7 July 2015 (diff | hist) . . (+3,037) . . N OSSN/OSSN-0049 (Created page with "__NOTOC__ == Nova ironic driver logs sensitive information while operating in debug mode == === Summary === The password and authentication token configuration options for th...")
- 14:17, 11 May 2015 (diff | hist) . . (-8) . . Security Notes (→Published Security Notes)
- 14:17, 11 May 2015 (diff | hist) . . (+1,708) . . OSSN/OSSN-0046 (→OSSN-0046)
- 14:54, 30 April 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 14:54, 30 April 2015 (diff | hist) . . (+3,192) . . N OSSN/OSSN-0048 (Created page with "__notoc__ == Glance method filtering does not work under certain conditions == === Summary === Glance is using the Python assert statement for validating the HTTP method typ...")
- 18:32, 19 April 2015 (diff | hist) . . (+14) . . Security Notes (→Published Security Notes)
- 18:31, 19 April 2015 (diff | hist) . . (+6,366) . . N OSSN/OSSN-0047 (Created page with "__NOTOC__ == Keystone does not validate that identity providers match federation mappings == === Summary === Keystone's OS-FEDERATION extension does not enforce a link betwee...")
- 14:53, 9 April 2015 (diff | hist) . . (+114) . . Security Notes (→Published Security Notes)
- 18:10, 11 March 2015 (diff | hist) . . (+2) . . Security Notes (→Published Security Notes)
- 18:10, 11 March 2015 (diff | hist) . . (+4,413) . . OSSN/OSSN-0045
- 21:08, 2 March 2015 (diff | hist) . . (+9) . . Security Notes (→Published Security Notes)
- 21:07, 2 March 2015 (diff | hist) . . (+1,583) . . N OSSN/OSSN-0044 (Created page with "__NOTOC__ == Older versions of noVNC allow session theft == === Summary === Commonly packaged versions of noVNC allow an attacker to hijack user sessions even when TLS is ena...")
- 16:37, 6 February 2015 (diff | hist) . . (-8) . . Security Notes (→Published Security Notes)
- 12:49, 5 February 2015 (diff | hist) . . (+2,986) . . N OSSN/OSSN-0043 (Created page with "__NOTOC__ == glibc 'GHOST' vulnerability can allow remote code execution == === Summary === A serious vulnerability in the GNU C library (glibc) gethostbyname* functions can...")
- 06:41, 18 December 2014 (diff | hist) . . (-11) . . Security Notes
- 02:06, 18 December 2014 (diff | hist) . . (+2,384) . . N OSSN/OSSN-0038 (Created page with "__NOTOC__ == Suds client subject to cache poisoning by local attacker == === Summary === Suds is a Python SOAP client for consuming Web Services. Its default cache implement...")
- 16:17, 17 December 2014 (diff | hist) . . (+8) . . Security Notes (→Published Security Notes)
- 16:16, 17 December 2014 (diff | hist) . . (-41) . . Security Notes
- 01:42, 17 December 2014 (diff | hist) . . (+2,376) . . N OSSN/OSSN-0042 (Created page with "__NOTOC__ == Keystone token scoping provides no security benefit == === Summary === Keystone provides "scoped" tokens that are constrained to use by a single project. A user...")
- 17:38, 23 October 2014 (diff | hist) . . (+4,886) . . N Security/Kilo/Keystone (Created page with "This page documents security related details for the Keystone project in the OpenStack Kilo release. === Implemented Crypto === Keystone doesn't have an home-brewed encryption...") (current)
(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)