pkg:PyPI/nova

64 total CVEsCRITICAL1HIGH8MEDIUM20LOW5

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2017-7214OpenStack Nova logs sensitive context from notification exceptions
    >= 13.0.0, < 13.1.4
  • HIGH8.6CVE-2017-17051OpenStack Nova DoS by rebuilding the same instance with a new image multiple times
    from 0, < 16.0.4
  • HIGH8.3CVE-2020-17376OpenStack Nova Live migration fails to update persistent domain XML
    from 0, < 19.3.1, >= 20.0.0, < 20.3.1, >= 21.0.0, < 21.1.0
  • HIGH8.3CVE-2020-17376OpenStack Nova Live migration fails to update persistent domain XML
    from 0, < 19.3.1
  • HIGH8.2CVE-2026-24708OpenStack Nova calls qemu-img without format restrictions for resize
    >= 32.0.0.0rc1, <= 32.1.0
  • HIGH7.5CVE-2013-7130OpenStack Nova Live migration can leak root disk into ephemeral storage
    from 0, < 12.0.0a0
  • HIGH7.5CVE-2013-7130OpenStack Nova Live migration can leak root disk into ephemeral storage
    from 0, < 12.0.0a0
  • HIGH7.5CVE-2015-5162OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
    from 0, < 12.0.4
  • HIGH7.5CVE-2017-18191OpenStack Nova Denial of service attack on the compute host
    >= 15.0.0, < 15.1.1
  • MEDIUM6.5CVE-2024-40767OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
    from 0, <= 27.4.0
  • MEDIUM6.5CVE-2024-32498nova - security update
    from 0, <= 29.0.2
  • MEDIUM6.5CVE-2019-14433nova - security update
    >= 19.0.0, < 19.0.2, from 0, < 17.0.12, >= 18.0.0, < 18.2.2
  • MEDIUM6.5CVE-2019-14433nova - security update
    from 0, < 17.0.12
  • MEDIUM6.5CVE-2014-2573OpenStack Nova VMWare driver leaks rescued images
    from 0, < 12.0.0a0
  • MEDIUM6.5CVE-2014-2573OpenStack Nova VMWare driver leaks rescued images
    from 0, < 12.0.0a0
  • MEDIUM6.5CVE-2012-3447Arbitrary file overwrite in OpenStack Nova
    from 0, < 12.0.0
  • MEDIUM6.5CVE-2012-3447Arbitrary file overwrite in OpenStack Nova
    from 0, < ce4b2e27be45a85b310237615c47eb53f37bb5f3, < d9577ce9f266166a297488445b5b0c93c1ddb368 | from 0
  • MEDIUM6.5CVE-2013-1838OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function
    from 0, < 12.0.0a0
  • MEDIUM6.5CVE-2013-1838OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function
    from 0, < 12.0.0a0
  • MEDIUM6.5CVE-2017-16239nova - security update
    >= 16.0.0, < 16.0.3
  • MEDIUM6.5CVE-2013-0335OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM
    from 0, < 12.0.0a0
  • MEDIUM6.5CVE-2013-0335OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM
    from 0, < 12.0.0a0
  • MEDIUM6.1CVE-2021-3654Open Redirect in CPython that affects users of OpenStack Nova
    from 0, < 21.2.3
  • MEDIUM5.9CVE-2015-8749OpenStack Nova Potential Xen connection password leak via StorageError
    >= 12.0.0, < 12.0.1
  • MEDIUM5.9CVE-2011-4076OpenStack Nova Exposure of Sensitive Information to an Unauthorized Actor
    from 0, < 12.0.0a0
  • MEDIUM5.7CVE-2022-47951cinder - security update
    from 0, < 24.1.2
  • MEDIUM5.3CVE-2016-2140OpenStack Nova host data access through resize/migration
    >= 12.0.0, < 12.0.3
  • MEDIUM4.7CVE-2015-2687OpenStack Compute (Nova) Improper Access Control
    from 0, < 15.0.0.0b1
  • MEDIUM4.7CVE-2015-2687OpenStack Compute (Nova) Improper Access Control
    from 0, < 15.0.0.0b1
  • LOW3.3CVE-2022-37394OpenStack Nova Changing vnic_type breaks compute service restart
    from 0, < 23.2.2
  • LOW3.3CVE-2015-9543OpenStack Nova can leak consoleauth token into log files
    from 0, < 18.2.4
  • LOW3.1CVE-2014-0134OpenStack Nova host data leak to vm instance in rescue mode
    from 0, < 12.0.0a0
  • LOW3.1CVE-2014-0134OpenStack Nova host data leak to vm instance in rescue mode
    from 0, < 12.0.0a0
  • LOW2.8CVE-2011-3147Openstack nova qcow format could expose host filesystem information
    from 0, < 12.0.0a0
  • CVE-2012-3361OpenStack Nova Arbitrary file injection/corruption through directory traversal issues
    from 0, < 12.0.0a0
  • CVE-2012-3360OpenStack Nova Directory traversal vulnerability
    from 0, < 12.0.0a0
  • CVE-2012-3371OpenStack Nova Scheduler denial of service through scheduler_hints
    from 0, < 12.0.0a0
  • CVE-2012-5625OpenStack Nova Information leak in libvirt LVM-backed instances
    from 0, < 12.0.0a0
  • CVE-2012-5625OpenStack Nova Information leak in libvirt LVM-backed instances
    from 0, < a99a802e008eed18e39fc1d98170edc495cbd354, < 9d2ea970422591f8cdc394001be9a2deca499a5f | from 0
  • CVE-2012-5625OpenStack Nova Information leak in libvirt LVM-backed instances
  • CVE-2013-4278OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
    from 0, < 12.0.0a0
  • CVE-2013-4179OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack
    from 0, < 2013.2
  • CVE-2013-4497OpenStack Compute Nova Improper Access Control
    from 0, < 12.0.0a0
  • CVE-2013-2096OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image
    from 0, < 12.0.0a0
  • CVE-2013-6419OpenStack Nova Router metadata queries are not restricted by tenant
    from 0, < 12.0.0a0
  • CVE-2013-4463OpenStack Nova denial of service through compressed disk images
    from 0, < 12.0.0a0
  • CVE-2013-4469OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
    from 0, < 12.0.0a0
  • CVE-2014-0167OpenStack Compute (Nova) allows remote authenticated users to gain privileges via API requests
    >= 2013.1.0, < 2013.2.4
  • CVE-2012-2101Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules
    from 0, < 12.0.0a0
  • CVE-2012-2654OpenStack Compute (Nova) Improper Input Validation
    from 0, < 12.0.0a0
  • CVE-2012-1585OpenStack Nova Long server names grow nova-api log files significantly
    from 0, < 12.0.0a0
  • CVE-2013-4185OpenStack Nova Denial of Service in network source security groups
    from 0, < 12.0.0a0
  • CVE-2011-4596OpenStack Nova Multiple directory traversal vulnerabilities
    from 0, < 12.0.0a0
  • CVE-2014-3517OpenStack Compute (Nova) Exposure of Sensitive Information to an Unauthorized Actor vulnerability
    from 0, < 2013.2.4
  • CVE-2013-2256OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
    from 0, < 2013.1.3
  • CVE-2015-3280OpenStack Compute (nova) allows remote authenticated users to cause a denial of service
    from 0, < 2014.2.4
  • CVE-2014-3608OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
    from 0, < 2014.1.3
  • CVE-2015-7713OpenStack Compute (Nova) allows remote attackers to bypass intended restriction
    from 0, < 2014.2.4
  • CVE-2013-7048OpenStack Nova live snapshots use an insecure local directory
    from 0, < 12.0.0a0
  • CVE-2015-0259OpenStack Compute (Nova) has Insufficient Verification of Data Authenticity
    from 0, < 2014.1.4
  • CVE-2013-6437OpenStack Nova DoS through ephemeral disk backing files
    from 0, < 12.0.0a0
  • CVE-2014-3708OpenStack Compute (Nova) Denial of Service vulnerability
    from 0, < 2014.1.4
  • CVE-2015-3241OpenStack Nova instance migration process does not stop when instance is deleted
    from 0, < 112.0.0.0b3
  • CVE-2014-8333OpenStack Nova VMware instance leak potentially leading to compute DoS
    from 0, < 12.0.0a0