Описание
The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2013.2~rc2-0ubuntu1 |
| lucid | DNE | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | released | 1:2013.1.3-0ubuntu1.1 |
| saucy | not-affected | 1:2013.2~rc2-0ubuntu1 |
| upstream | released | 1:2013.2 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.
The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.
The security group extension in OpenStack Compute (Nova) Grizzly 2013. ...
OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack
EPSS
4.3 Medium
CVSS2