Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

41 – 50 of 57 results


CVE-2013-2059

Low priority

Some fixes available 3 of 4

OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2013-0270

Low priority
Ignored

OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2013-1865

Medium priority

Some fixes available 1 of 2

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2013-0282

Medium priority

Some fixes available 2 of 3

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2013-1665

Medium priority

Some fixes available 6 of 8

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external...

2 affected packages

keystone, python-django

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
python-django
Show less packages

CVE-2013-1664

Medium priority

Some fixes available 10 of 12

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to...

5 affected packages

cinder, keystone, nova, python-django, quantum

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cinder
keystone
nova
python-django
quantum
Show less packages

CVE-2013-0247

Medium priority

Some fixes available 2 of 3

OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2012-5483

Medium priority
Not affected

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2012-5571

Medium priority

Some fixes available 2 of 3

OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages

CVE-2012-5563

Low priority
Fixed

OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token...

1 affected packages

keystone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
keystone
Show less packages