4 matches found
CVE-2019-14433
The CVE-2019-14433 issue affects OpenStack Nova (versions before 17.0.12, 18.x before 18.2.2, 19.x before 19.0.2). It allows authenticated API requests that fault to leak environment details in responses, potentially exposing sensitive configuration data (partial confidentiality impact). Red Hat ...
CVE-2011-4076
OpenStack Nova before 2012.1 is affected: if a user possesses an EC2_ACCESS_KEY (like a username), they may derive the EC2_SECRET_KEY (password). Exposing the EC2_ACCESS_KEY over HTTP or via tools that enable MITM over HTTPS could allow an attacker to obtain the secret key; brute-forcing EC2_ACCE...
CVE-2013-0326
Technical details about CVE-2013-0326 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2011-3147
CVE-2011-3147 concerns OpenStack Nova: when processing a malicious qcow filesystem, versions of Nova prior to 2012.1 could expose host hypervisor filesystem information to the guest. Multiple sources (e.g., OSV, GHSA advisories, and CVE records) describe the issue as a qcow-related exposure of ho...