OpenStack Havana Havana-2
Approved changes feed: RSS · Atom
cpe:2.3:a:openstack:havana:havana-2:*:*:*:*:*:*:*
part: a version: havana-2 update: *
| Vendor | Openstack (7b0cf974-b2b5-592e-bdf4-6953805ef02a) |
|---|---|
| Product | Havana (f67b8963-b067-56e5-b5d5-51a071aa1dd4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/puppetlabs/puppetlabs-havana |
purl2cpe | 2026-06-01 10:17:03.417188 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-4497 |
vulnerable | 2026-06-03 14:33:17.320181 |
Details available
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.
Published: 2013-11-05T20:00:00.000Z
Updated: 2024-08-06T16:45:14.926Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-2030 |
vulnerable | 2026-06-03 14:32:53.277001 |
Details available
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora.
Published: 2013-12-27T01:00:00.000Z
Updated: 2024-08-06T15:20:37.504Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.