The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.
Max CVSS
4.3
EPSS Score
0.54%
Published
2013-09-16
Updated
2023-02-13
1 vulnerabilities found