Rajaneesh Singh discovered Swift does not properly enforce metadata limits. An attacker could abuse this issue to store more metadata than allowed by policy. (CVE-2014-7960)
Clay Gerrard discovered Swift allowed users to delete the latest version of object regardless of object permissions when allow_version is configured. An attacker could use this issue to delete objects. (CVE-2015-1856)
{ "binaries": [ { "binary_name": "python-swift", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift-account", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift-container", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift-doc", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift-object", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift-object-expirer", "binary_version": "1.13.1-0ubuntu1.2" }, { "binary_name": "swift-proxy", "binary_version": "1.13.1-0ubuntu1.2" } ], "availability": "No subscription required" }