VulnerableCode Package Details - pkg:rpm/redhat/openstack-swift@1.13.1-8?arch=el6ost

Search for packages

Vulnerability	Summary	Fixed by
VCID-1k44-tzfw-pkhw Aliases: CVE-2016-0737 GHSA-972c-cfv8-2hq8	OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service A memory-leak issue was found in OpenStack Object Storage (swift), in the client-to-proxy connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.	There are no reported fixed by versions.
VCID-4wxz-pgew-5uc4 Aliases: CVE-2016-0738 GHSA-fxwr-2vxm-cg7p	OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.	There are no reported fixed by versions.
VCID-yhkc-dkqq-x7fg Aliases: CVE-2015-5223 GHSA-q45h-chc8-hvp6	Exposure of Sensitive Information to an Unauthorized Actor OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-1k44-tzfw-pkhw
Aliases:
CVE-2016-0737
GHSA-972c-cfv8-2hq8

OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service A memory-leak issue was found in OpenStack Object Storage (swift), in the client-to-proxy connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

There are no reported fixed by versions.

VCID-4wxz-pgew-5uc4
Aliases:
CVE-2016-0738
GHSA-fxwr-2vxm-cg7p

OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.

There are no reported fixed by versions.

VCID-yhkc-dkqq-x7fg
Aliases:
CVE-2015-5223
GHSA-q45h-chc8-hvp6

Exposure of Sensitive Information to an Unauthorized Actor OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:40:06.222508+00:00	RedHat Importer	Affected by	VCID-yhkc-dkqq-x7fg	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5223.json	38.0.0
2026-04-01T14:38:03.939128+00:00	RedHat Importer	Affected by	VCID-1k44-tzfw-pkhw	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0737.json	38.0.0
2026-04-01T14:38:03.862360+00:00	RedHat Importer	Affected by	VCID-4wxz-pgew-5uc4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0738.json	38.0.0