Nova@* Security Vulnerabilities and Issues — Nova@* CVE List

Lucene search

OpenstackNova*

3 matches found

CVE•added 2019/08/09 7:15 p.m.•145 views

CVE-2019-14433

An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive...

6.5CVSS6.1AI score0.00588EPSS

CVE•added 2019/11/26 4:15 a.m.•93 views

CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SEC...

5.9CVSS5.3AI score0.00408EPSS

CVE•added 2019/04/22 4:29 p.m.•39 views

CVE-2011-3147

Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.

8.6CVSS5.9AI score0.00182EPSS