2 matches found
CVE-2020-17376
CVE-2020-17376 : In OpenStack Nova, a vulnerability in Guest.migrate (virt/libvirt/guest.py) allows a user to access destination-host devices that share paths with source-host devices after performing a soft reboot of an instance that has previously undergone live migration. Affected are OpenStac...
CVE-2015-9543
OpenStack Nova up to 18.2.4, 19.x up to 19.1.0, and 20.x up to 20.1.0 is vulnerable to leaking consoleauth tokens into log files when using novncproxy. The issue is tied to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py. A user with read access to the service logs c...