An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
CPE | Name | Operator | Version |
---|---|---|---|
ubuntu_linux | eq | 18.04 | |
ubuntu_linux | eq | 19.04 | |
ubuntu_linux | eq | 16.04 | |
debian_linux | eq | 10.0 | |
nova | ge | 19.0.0 | |
nova | lt | 19.0.2 | |
nova | lt | 17.0.12 | |
nova | ge | 18.0.0 | |
nova | lt | 18.2.2 | |
openstack | eq | 10 |
www.openwall.com/lists/oss-security/2019/08/06/6
access.redhat.com/errata/RHSA-2019:2622
access.redhat.com/errata/RHSA-2019:2631
access.redhat.com/errata/RHSA-2019:2652
launchpad.net/bugs/1837877
lists.debian.org/debian-lts-announce/2022/09/msg00018.html
security.openstack.org/ossa/OSSA-2019-003.html
usn.ubuntu.com/4104-1/