4 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. CVE-2021-36...
Ubuntu: Security Advisory (USN-5866-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3654
The CVE-2021-3654 issue affects openstack-nova’s console proxy, noVNC, where crafting a malicious URL can trigger an open redirect to an attacker-controlled site. This could enable users to be redirected to a malicious page, potentially exposing sensitive information or enabling further actions. ...
Security Bulletin: Openstack Compute (Nova) noVNC proxy
Summary Fix OpenStack Nova allowing a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the noVNC component. By modifying untrusted URL input using multiple backslashes, an attacker could exploit this vulnerability to redirect a victim to arbitrary website...