Download
| Alert*
oval:org.secpod.oval:def:704575
cinder-common is installed oval:org.secpod.oval:def:610369 Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure. oval:org.secpod.oval:def:89440 cinder: OpenStack storage service Cinder could be made to expose sensitive information. oval:org.secpod.oval:def:89339 Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure. oval:org.secpod.oval:def:708316 cinder: OpenStack storage service - ironic: Openstack bare metal provisioning service - nova: OpenStack Compute cloud infrastructure - python-glance-store: OpenStack Image Service store library - python-os-brick: Library for managing local volume attaches OpenStack could be made to expose sensitive ... oval:org.secpod.oval:def:708141 cinder: OpenStack storage service Cinder could be made to expose sensitive information. oval:org.secpod.oval:def:1900290 A vulnerability was found in openstack-cinder-common releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIOvolumes using thin volumes and zero padding. This could lead to leakage of sensit ... |