659913dd22
This data has been collected from every advisory issued by the OpenStack VMT to date. The CVSSv2 information and impacts have been mined from Red Hat's CVE database. The severity and importance of these issues may differ from these ratings.
42 lines
1.3 KiB
JSON
42 lines
1.3 KiB
JSON
{
|
|
"advisory": {
|
|
"date": "2013-01-29",
|
|
"description": "Dan Prince of Red Hat discovered an issue in Glance error reporting. By creating an image in Glance by URL that references a mis-configured Swift endpoint, or if the Swift endpoint that a previously-ACTIVE image references for any reason becomes unusable, an authenticated user may access the Glance operator's Swift credentials for that endpoint. Only setups that use the single-tenant Swift store are affected. ",
|
|
"id": "2013-002",
|
|
"title": "Backend password leak in Glance error message",
|
|
"url": "http://lists.openstack.org/pipermail/openstack-announce/2013-January/000071.html"
|
|
},
|
|
"affects": [
|
|
{
|
|
"product": "glance",
|
|
"version": "TODO"
|
|
}
|
|
],
|
|
"bugs": [
|
|
"1098962"
|
|
],
|
|
"notes": "",
|
|
"reporters": [
|
|
{
|
|
"company": "Red Hat",
|
|
"name": "Dan Prince"
|
|
}
|
|
],
|
|
"reviews": [
|
|
"20695",
|
|
"20696",
|
|
"20697"
|
|
],
|
|
"schema_version": 1,
|
|
"vulnerabilities": [
|
|
{
|
|
"cve": "CVE-2013-0212",
|
|
"cvss": {
|
|
"base_score": "4.0",
|
|
"scoring_vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
|
|
},
|
|
"cwe": "TODO",
|
|
"impact": "important"
|
|
}
|
|
]
|
|
} |