OpenStack Cinder 2014.1 Release Candidate 2

CPE Details

OpenStack Cinder 2014.1 Release Candidate 2
2014.1
2023-02-02
19h20 +00:00
2023-02-06
15h04 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openstack:cinder:2014.1:rc2:*:*:*:*:*:*

Informations

Vendor

openstack

Product

cinder

Version

2014.1

Update

rc2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-3641 2014-10-08 17h00 +00:00 The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.
4
CVE-2014-7230 2014-10-08 17h00 +00:00 The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
2.1
CVE-2014-7231 2014-10-08 17h00 +00:00 The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.
2.1