Openstack - Orchestration Api CVE

Filtered by vendor Openstack Subscribe

Filtered by product Orchestration Api

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-5295	4 Fedoraproject, Openstack, Oracle and 1 more	4 Fedora, Orchestration Api, Solaris and 1 more	2019-06-19	5.5 MEDIUM	5.4 MEDIUM
The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero.

Vulnerabilities (CVE)