Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/17 3:49 p.m.8 views

CVE-2026-46448

A flaw was found in OpenStack Nova. The server creation application programming interface API fails to remove specific hint data, leading to instances being created without proper Placement allocation. This can result in a denial of service, as resources may not be correctly assigned or managed f...

8.5CVSS4.8AI score0.00272EPSS
Exploits1References6
OSV
OSV
added 2026/06/16 9:32 p.m.2 views

GHSA-MFG3-P6M3-GJGR OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints

Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...

5.4CVSS5.3AI score0.00272EPSS
Exploits1References9
NVD
NVD
added 2026/06/16 8:16 p.m.9 views

CVE-2026-46448

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

8.5CVSS0.00272EPSS
Exploits1References3
OSV
OSV
added 2026/06/16 12:0 a.m.5 views

UBUNTU-CVE-2026-46448

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

8.5CVSS5.2AI score0.00272EPSS
Exploits1References5
CVE
CVE
added 2026/06/16 12:0 a.m.17 views

CVE-2026-46448

OpenStack Nova before 33.0.2 is affected: the server create API does not strip internal _nova-prefixed scheduler hints, causing instances to be created without proper Placement allocation. This can enable resource misallocation and, in worst cases, denial of service through compute-node resource ...

8.5CVSS5.2AI score0.00272EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/16 12:0 a.m.24 views

CVE-2026-46448

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

5.4CVSS0.00272EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/06/16 12:0 a.m.6 views

CVE-2026-46448

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

8.5CVSS5.3AI score0.00272EPSS
Exploits1
Rows per page
Query Builder