PYSEC-2014-116

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/swift/PYSEC-2014-116.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2014-116

Aliases

Published

2014-01-23T01:55:00Z

Modified

2024-11-25T22:42:23.749022Z

Summary

[none]

Details

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.

References

Affected packages

PyPI / swift

Package

Name: swift; View open source insights on deps.dev
Purl: pkg:pypi/swift

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.4.6

Last affected

1.8.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/swift/PYSEC-2014-116.yaml"

PyPI / swift

Package

Name: swift; View open source insights on deps.dev
Purl: pkg:pypi/swift

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.9.0

Last affected

1.10.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/swift/PYSEC-2014-116.yaml"

PyPI / swift

Package

Name: swift; View open source insights on deps.dev
Purl: pkg:pypi/swift

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.11.0

Fixed

1.12.0

Affected versions

1.*

1.11.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/swift/PYSEC-2014-116.yaml"