Lucene search

K

GoogleOSV:GHSA-VQP6-J452-J6WP

HistoryMar 04, 2022 - 12:00 a.m.

Open Redirect in CPython that affects users of OpenStack Nova

2022-03-0400:00:22

Google

osv.dev

11

0.926 High

EPSS

Percentile

99.0%

A vulnerability was found in CPython which is used by openstack-nova’s console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

CPENameOperatorVersion
novaeq19.1.0
novaeq19.0.1
novaeq18.0.3
novaeq21.0.0.0rc1
novaeq23.0.1
novaeq22.2.1
novaeq17.0.11
novaeq21.1.2
novaeq20.1.1
novaeq17.0.9

Rows per page:

1-10 of 611

References

bugs.launchpad.net/nova/+bug/1927677

bugs.python.org/issue32084

bugzilla.redhat.com/show_bug.cgi?id=1961439

nvd.nist.gov/vuln/detail/CVE-2021-3654

opendev.org/openstack/nova

opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66

opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb

security.gentoo.org/glsa/202305-02

security.openstack.org/ossa/OSSA-2021-002.html

www.openwall.com/lists/oss-security/2021/07/29/2

0.926 High

EPSS

Percentile

99.0%

Related for OSV:GHSA-VQP6-J452-J6WP

debiancve1 veracode1 cve1 nuclei1 redhat2 osv2 redhatcve1 nessus4 prion1 cvelist1 nvd1 ibm1 github1 ubuntucve1 openvas1 ubuntu1 gentoo1