Search for packages
| purl | pkg:rpm/redhat/openstack-cinder@2014.1.3-1?arch=el7ost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8p6b-qw5m-jfha
Aliases: CVE-2014-7231 GHSA-v933-vx5p-j7w2 |
OpenStack Oslo utility sensitive information exposure via log files The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log. | There are no reported fixed by versions. |
|
VCID-ea21-seng-n3fw
Aliases: CVE-2014-3641 GHSA-qhch-g8qr-p497 |
OpenStack Cinder Exposure of Sensitive Information to an Unauthorized Actor vulnerability The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header. | There are no reported fixed by versions. |
|
VCID-ykzj-fz7y-eug8
Aliases: CVE-2014-7230 |
Trove: potential leak of passwords into log files | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:46:45.175298+00:00 | RedHat Importer | Affected by | VCID-8p6b-qw5m-jfha | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7231.json | 38.0.0 |
| 2026-04-01T14:46:45.070489+00:00 | RedHat Importer | Affected by | VCID-ykzj-fz7y-eug8 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7230.json | 38.0.0 |
| 2026-04-01T14:45:50.969671+00:00 | RedHat Importer | Affected by | VCID-ea21-seng-n3fw | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3641.json | 38.0.0 |