pkg:PyPI/nova

All known vulnerabilities

• CRITICAL9.8CVE-2017-7214OpenStack Nova logs sensitive context from notification exceptions
  >= 13.0.0, < 13.1.4
• HIGH8.6CVE-2017-17051OpenStack Nova DoS by rebuilding the same instance with a new image multiple times
  from 0, < 16.0.4
• HIGH8.3OpenStack Nova Live migration fails to update persistent domain XML
  from 0, < 19.3.1
• HIGH8.3OpenStack Nova Live migration fails to update persistent domain XML
  from 0, < 19.3.1, >= 20.0.0, < 20.3.1, >= 21.0.0, < 21.1.0
• HIGH8.2nova - security update
  >= 32.0.0.0rc1, <= 32.1.0
• HIGH7.5OpenStack Nova Live migration can leak root disk into ephemeral storage
  from 0, < 12.0.0a0
• HIGH7.5OpenStack Nova Live migration can leak root disk into ephemeral storage
  from 0, < 12.0.0a0
• HIGH7.5OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
  from 0, < 12.0.4
• HIGH7.5OpenStack Nova Denial of service attack on the compute host
  >= 15.0.0, < 15.1.1
• MEDIUM6.5OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
  from 0, <= 27.4.0
• MEDIUM6.5nova - security update
  from 0, <= 29.0.2
• MEDIUM6.5nova - security update
  >= 19.0.0, < 19.0.2, from 0, < 17.0.12, >= 18.0.0, < 18.2.2
• MEDIUM6.5nova - security update
  from 0, < 17.0.12
• MEDIUM6.5OpenStack Nova VMWare driver leaks rescued images
  from 0, < 12.0.0a0
• MEDIUM6.5OpenStack Nova VMWare driver leaks rescued images
  from 0, < 12.0.0a0
• MEDIUM6.5Arbitrary file overwrite in OpenStack Nova
  from 0, < 12.0.0
• MEDIUM6.5Arbitrary file overwrite in OpenStack Nova
  from 0, < ce4b2e27be45a85b310237615c47eb53f37bb5f3, < d9577ce9f266166a297488445b5b0c93c1ddb368 | from 0
• MEDIUM6.5OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function
  from 0, < 12.0.0a0
• MEDIUM6.5OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function
  from 0, < 12.0.0a0
• MEDIUM6.5nova - security update
  >= 16.0.0, < 16.0.3
• MEDIUM6.5OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM
  from 0, < 12.0.0a0
• MEDIUM6.5OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM
  from 0, < 12.0.0a0
• MEDIUM6.1Open Redirect in CPython that affects users of OpenStack Nova
  from 0, < 21.2.3
• MEDIUM5.9OpenStack Nova Potential Xen connection password leak via StorageError
  >= 12.0.0, < 12.0.1
• MEDIUM5.9OpenStack Nova Exposure of Sensitive Information to an Unauthorized Actor
  from 0, < 12.0.0a0
• MEDIUM5.7cinder - security update
  from 0, < 24.1.2
• MEDIUM5.3OpenStack Nova host data access through resize/migration
  >= 12.0.0, < 12.0.3
• MEDIUM4.7OpenStack Compute (Nova) Improper Access Control
  from 0, < 15.0.0.0b1
• MEDIUM4.7OpenStack Compute (Nova) Improper Access Control
  from 0, < 15.0.0.0b1
• LOW3.3OpenStack Nova Changing vnic_type breaks compute service restart
  from 0, < 23.2.2
• LOW3.3OpenStack Nova can leak consoleauth token into log files
  from 0, < 18.2.4
• LOW3.1OpenStack Nova host data leak to vm instance in rescue mode
  from 0, < 12.0.0a0
• LOW3.1OpenStack Nova host data leak to vm instance in rescue mode
  from 0, < 12.0.0a0
• LOW2.8Openstack nova qcow format could expose host filesystem information
  from 0, < 12.0.0a0
• —OpenStack Nova Directory traversal vulnerability
  from 0, < 12.0.0a0
• —OpenStack Nova Directory traversal vulnerability
  from 0, < b0feaffdb2b1c51182b8dce41b367f3449af5dd9, < 2427d4a99bed35baefd8f17ba422cb7aae8dcca7 | from 0
• —OpenStack Nova Arbitrary file injection/corruption through directory traversal issues
  from 0, < 12.0.0a0
• —OpenStack Nova Arbitrary file injection/corruption through directory traversal issues
  from 0, < b0feaffdb2b1c51182b8dce41b367f3449af5dd9, < 2427d4a99bed35baefd8f17ba422cb7aae8dcca7 | from 0
• —OpenStack Nova Scheduler denial of service through scheduler_hints
  from 0, < 034762e8060dcf0a11cb039b9d426b0d0bb1801d | from 0
• —OpenStack Nova Scheduler denial of service through scheduler_hints
  from 0, < 12.0.0a0
• —OpenStack Nova Information leak in libvirt LVM-backed instances
• —OpenStack Nova Information leak in libvirt LVM-backed instances
  from 0, < 12.0.0a0
• —OpenStack Nova Information leak in libvirt LVM-backed instances
  from 0, < a99a802e008eed18e39fc1d98170edc495cbd354, < 9d2ea970422591f8cdc394001be9a2deca499a5f | from 0
• —OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
  from 0, < 12.0.0a0
• —OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack
  from 0, < 2013.2
• —OpenStack Compute Nova Improper Access Control
  from 0, < 12.0.0a0
• —OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image
  from 0, < 12.0.0a0
• —OpenStack Nova Router metadata queries are not restricted by tenant
  from 0, < 12.0.0a0
• —OpenStack Nova denial of service through compressed disk images
  from 0, < 12.0.0a0
• —OpenStack Compute (Nova) allows remote authenticated users to gain privileges via API requests
  >= 2013.1.0, < 2013.2.4
• —OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
  from 0, < 12.0.0a0
• —Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules
  from 0, < 12.0.0a0
• —Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules
  from 0, < 8c8735a73afb16d5856f0aa6088e9ae406c52beb, < a67db4586f70ed881d65e80035b2a25be195ce64, < 1f644d210557b1254f7c7b39424b09a45329ade7 | from 0
• —OpenStack Compute (Nova) Improper Input Validation
  from 0, < 9f9e9da777161426a6f8cb4314b78e09beac2978, < ff06c7c885dc94ed7c828e8cdbb8b5d850a7e654 | from 0
• —OpenStack Compute (Nova) Improper Input Validation
  from 0, < 12.0.0a0
• —OpenStack Nova Long server names grow nova-api log files significantly
  from 0, < 12.0.0a0
• —OpenStack Nova Denial of Service in network source security groups
  from 0, < 12.0.0a0
• —OpenStack Nova Multiple directory traversal vulnerabilities
  from 0, < 12.0.0a0
• —OpenStack Compute (Nova) Exposure of Sensitive Information to an Unauthorized Actor vulnerability
  from 0, < 2013.2.4
• —OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
  from 0, < 2013.1.3
• —OpenStack Compute (Nova) allows remote attackers to bypass intended restriction
  from 0, < 2014.2.4
• —OpenStack Compute (Nova) Denial of Service vulnerability
  from 0, < 2014.1.4
• —OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
  from 0, < 2014.1.3
• —OpenStack Nova instance migration process does not stop when instance is deleted
  from 0, < 112.0.0.0b3
• —OpenStack Nova live snapshots use an insecure local directory
  from 0, < 12.0.0a0
• —OpenStack Compute (Nova) has Insufficient Verification of Data Authenticity
  from 0, < 2014.1.4
• —OpenStack Nova DoS through ephemeral disk backing files
  from 0, < 12.0.0a0
• —OpenStack Compute (nova) allows remote authenticated users to cause a denial of service
  from 0, < 2014.2.4
• —OpenStack Nova VMware instance leak potentially leading to compute DoS
  from 0, < 12.0.0a0