Every CVE whose affected-product data names Openstack Swift, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2017-16613 — CVSS 9.8 (critical): An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object…
CVE-2012-4406 — CVSS 9.8 (critical): OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading…
CVE-2016-0738 — CVSS 7.5 (high): OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections…
CVE-2016-0737 — CVSS 7.5 (high): OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial…
CVE-2022-47950 — CVSS 6.5 (medium): An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an…
CVE-2013-6396 — CVSS 5.8 (medium): The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers…
CVE-2015-1856 — CVSS 5.5 (medium): OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest…
CVE-2026-50221 — CVSS 5.4 (medium): In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers (X-Container-Host, X-Container-Device…
CVE-2015-5223 — CVSS 5.0 (medium): OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest…
CVE-2014-3497 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or…
CVE-2017-8761 — CVSS 4.3 (medium): In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking…
CVE-2014-0006 — CVSS 4.3 (medium): The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to…
CVE-2014-7960 — CVSS 4.0 (medium): OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints…
CVE-2013-4155 — CVSS 4.0 (medium): OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous"…