| CVE-2017-7214 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level lo… |
| CVE-2017-17051 |
high |
8.6 |
8.6 |
|
|
|
9y ago |
An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hyper… |
| CVE-2015-5162 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attack… |
| CVE-2013-7130 |
high |
— |
7.1 |
|
|
|
13y ago |
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not prope… |
| CVE-2013-4278 |
low |
— |
3.5 |
|
|
|
4y ago |
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot… |
| CVE-2014-0134 |
low |
— |
3.5 |
|
|
|
12y ago |
The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authentica… |
| CVE-2012-3371 |
low |
— |
3.5 |
|
|
|
14y ago |
The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of servic… |
| CVE-2012-2101 |
low |
— |
3.5 |
|
|
|
14y ago |
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (C… |
| CVE-2013-7048 |
low |
— |
3.3 |
|
|
|
13y ago |
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local… |
| CVE-2014-3608 |
low |
— |
2.7 |
|
|
|
12y ago |
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into t… |
| CVE-2014-2573 |
low |
— |
2.3 |
|
|
|
12y ago |
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denia… |
| CVE-2013-4463 |
low |
— |
2.1 |
|
|
|
4y ago |
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumpti… |
| CVE-2013-2096 |
low |
— |
2.1 |
|
|
|
13y ago |
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by cr… |
| CVE-2013-4469 |
low |
— |
1.9 |
|
|
|
4y ago |
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (ho… |
