Vulnerabilities > Openstack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2019-15753 | Allocation of Resources Without Limits or Throttling vulnerability in Openstack Os-Vif 1.15.0/1.15.1/1.16.0 In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instances belonging to other tenants sharing the same network. | 9.1 |
| 2019-08-09 | CVE-2019-14433 | Information Exposure Through an Error Message vulnerability in multiple products An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. | 6.5 |
| 2019-07-30 | CVE-2019-10141 | SQL Injection vulnerability in multiple products A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. | 9.1 |
| 2019-06-21 | CVE-2016-7404 | Information Exposure vulnerability in Openstack Magnum OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. | 9.8 |
| 2019-06-03 | CVE-2019-3895 | An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. | 8.0 |
| 2019-04-22 | CVE-2011-3147 | Information Exposure vulnerability in Openstack Nova Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem. | 8.6 |
| 2019-04-05 | CVE-2019-10876 | An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. | 6.5 |
| 2019-03-26 | CVE-2019-3830 | Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in ceilometer before version 12.0.0.0rc1. | 7.8 |
| 2019-03-26 | CVE-2018-16856 | Information Exposure Through Log Files vulnerability in multiple products In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. | 7.5 |
| 2019-03-13 | CVE-2019-9735 | Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. | 6.5 |