CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 2CVE-2012-3361
https://notcve.org/view.php?id=CVE-2012-3361
22 Jul 2012 — virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image. virt/disk/api.py en OpenStack Compute (Nova) Folsom (2.012,2), Essex (2.012,1) y Diablo (2.011,3) permite a usuarios remotos autenticados sobrescribir archivos arbitrarios a través de un ataque de enlace simbólico un archivo en una imagen. • http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083969.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2012-3371
https://notcve.org/view.php?id=CVE-2012-3371
17 Jul 2012 — The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section. El planificador Nova en OpenStack Compute (Nova) Folsom (2012.2) y Essex (2012.1), cuando DifferentHostFilter o SameHostFilter están activados, permite a usuarios remotos autenticados provo... • http://www.openwall.com/lists/oss-security/2012/07/11/13 • CWE-20: Improper Input Validation •