514 matches found
CVE-2014-3708 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-X8XR-RM9R-7MVF vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-67RH-9P29-VRXR vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-43HC-PWVX-PMFG vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
CVE-2026-46448 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
CVE-2015-3280 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
CVE-2013-4179 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-XJMJ-P278-4JP5 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-MFMJ-GWG3-VHW7 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-92HC-C226-32Q7 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-5MJ6-643F-2G85 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
CVE-2015-0259 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
CVE-2014-3608 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
CVE-2014-3517 vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
GHSA-MFG3-P6M3-GJGR vulnerabilities
Vulnerabilities for packages: openstack-nova-2025.2...
PYSEC-2026-1708 OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...
CVE-2026-46448
A flaw was found in OpenStack Nova. The server creation application programming interface API fails to remove specific hint data, leading to instances being created without proper Placement allocation. This can result in a denial of service, as resources may not be correctly assigned or managed f...
Linux Distros Unpatched Vulnerability : CVE-2026-46448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation. CVE-2026-46448 Note...
OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints
Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...
CVE-2026-46448
In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...