2 results (0.014 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-7498

https://notcve.org/view.php?id=CVE-2016-7498

OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state. NOTE: this vulnerability exists because of a CVE-2015-3280 regression. OpenStack Compute (nova) 13.0.0 no elimina adecuadamente instancias desde nodos de cómputo, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de disco) mediante la eliminación de instancias durante el estado de cambio de tamaño. NOTA: esta vulnerabilidad existe debido a una regresión de CVE-2015-3280. • http://www.openwall.com/lists/oss-security/2016/09/21/8 http://www.openwall.com/lists/oss-security/2016/09/23/1 http://www.securityfocus.com/bid/93068 https://security.openstack.org/ossa/OSSA-2016-011.html • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 9%CPEs: 6EXPL: 1

CVE-2013-1664 – bindings: Internal entity expansion in Python XML libraries inflicts DoS vulnerabilities

https://notcve.org/view.php?id=CVE-2013-1664

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. OpenStack Keystone Essex, Folsom, y Grizzly; Compute (Nova) Essex y Folsom, Folsom y Cinder permite a atacantes remotos provocar una denegación de servicio (consumo de recursos y caída) mediante un ataque de Entidad de expansión XML(XEE). • http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html http://bugs.python.org/issue17239 http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html http://rhn.redhat.com/errata/RHSA-2013-0657.html http://rhn.redhat.com/errata/RHSA-2013-0658.html http://rhn.redhat.com/errata/RHSA-2013-0670.html http://ubuntu.com/usn/usn-1757-1 http://www.openwall.com/lists/oss-security/2013/02/19/2 http://www.openwall.com/lists/oss-security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •