Openstack Icehouse vulnerabilities
2 known vulnerabilities affecting openstack/icehouse.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2015-1851MEDIUMCVSS 6.8≤ 2014.1.42015-06-25
CVE-2015-1851 [MEDIUM] CWE-200 CVE-2015-1851: OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 20
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.
nvd
CVE-2014-0162MEDIUMCVSS 6.0vrc-12014-04-27
CVE-2014-0162 [MEDIUM] CWE-20 CVE-2014-0162: The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.
The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.
nvd