View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2015-7548 severity moderate: SUSE including 54 source package names (openstack-keystone-2014.2.4.juno-17.1, openstack-keystone-doc-2014.2.4.juno-17.2, …), 67 product×package rows across 3 product lines (SUSE OpenStack Cloud 5, SUSE OpenStack Cloud 6, SUSE OpenStack Cloud 7): Fixed 39, Known Not Affected 28.
OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.