Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Swift
(Openstack)| Repositories |
• https://github.com/openstack/swift
• https://github.com/openstack/swauth |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-01-23 | CVE-2014-0006 | The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack. | Swift | N/A | ||
| 2014-02-18 | CVE-2013-6396 | The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | Swift | N/A | ||
| 2013-08-20 | CVE-2013-4155 | OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected. | Folsom, Grizzly, Havana, Swift | N/A |