Information on source package nova

Available versions

ReleaseVersion
wheezy2012.1.1-18
jessie2014.1.3-11
stretch2:14.0.0-4
buster2:14.0.0-4
sid2:14.0.0-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-7214vulnerablefixedfixedfixedfixedAn issue was discovered in exception_wrapper.py in OpenStack Nova 13.x ...
CVE-2016-2140vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) ...
CVE-2015-8749vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe volume_utils._parse_volume_info function in OpenStack Compute ...
CVE-2015-7713vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedOpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before ...
CVE-2015-7548vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedOpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before ...
CVE-2015-5162vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; ...
CVE-2015-3280fixedvulnerable (no DSA)fixedfixedfixedOpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before ...
CVE-2015-3241vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedOpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and ...
CVE-2015-2687vulnerable (no DSA)fixedfixedfixedfixedinformation leak when live-migration failed
CVE-2014-7230vulnerable (no DSA)fixedfixedfixedfixedThe processutils.execute function in OpenStack oslo-incubator, Cinder, ...
CVE-2014-3708vulnerable (no DSA)fixedfixedfixedfixedOpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...
CVE-2013-7130vulnerable (no DSA)fixedfixedfixedfixedThe i_create_images_and_backing (aka create_images_and_backing) method ...
CVE-2013-6491vulnerable (no DSA)fixedfixedfixedfixedThe python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo ...
CVE-2013-4469vulnerable (no DSA)fixedfixedfixedfixedOpenStack Compute (Nova) Folsom, Grizzly, and Havana, when ...
CVE-2013-4463vulnerable (no DSA)fixedfixedfixedfixedOpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly ...
CVE-2013-4261vulnerable (no DSA)fixedfixedfixedfixedOpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using ...
CVE-2013-4185vulnerable (no DSA)fixedfixedfixedfixedAlgorithmic complexity vulnerability in OpenStack Compute (Nova) ...
CVE-2013-2096vulnerable (no DSA)fixedfixedfixedfixedOpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2015-1850vulnerablevulnerablevulnerablevulnerablevulnerableHost file disclosure through qcow2 backing file
CVE-2013-0326vulnerablevulnerablevulnerablevulnerablevulnerable_base images permissions world readable

Resolved issues

BugDescription
CVE-2016-7498OpenStack Compute (nova) 13.0.0 does not properly delete instances ...
CVE-2015-0259OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, ...
CVE-2014-8750Race condition in the VMware driver in OpenStack Compute (Nova) before ...
CVE-2014-8333The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows ...
CVE-2014-3608The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows ...
CVE-2014-3517api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, ...
CVE-2014-2573The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 ...
CVE-2014-0167The Nova EC2 API security group implementation in OpenStack Compute ...
CVE-2014-0134The instance rescue mode in OpenStack Compute (Nova) 2013.2 before ...
CVE-2013-7048OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and ...
CVE-2013-6437The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and ...
CVE-2013-6419Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 ...
CVE-2013-4497The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and ...
CVE-2013-4278The "create an instance" API in OpenStack Compute (Nova) Folsom, ...
CVE-2013-4179The security group extension in OpenStack Compute (Nova) Grizzly ...
CVE-2013-2256OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 ...
CVE-2013-2030keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, ...
CVE-2013-1838OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...
CVE-2013-1664The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...
CVE-2013-1068The OpenStack Nova (python-nova) package 1:2013.2.3-0 before ...
CVE-2013-0335OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...
CVE-2013-0208The boot-from-volume feature in OpenStack Compute (Nova) Folsom and ...
CVE-2012-5625OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when ...
CVE-2012-3447virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 ...
CVE-2012-3371The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and ...
CVE-2012-3361virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex ...
CVE-2012-3360Directory traversal vulnerability in virt/disk/api.py in OpenStack ...
CVE-2012-2654The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom ...
CVE-2012-2101Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the ...
CVE-2012-1585OpenStack Compute (Nova) Essex before 2011.3 allows remote ...
CVE-2012-0030Nova 2011.3 and Essex, when using the OpenStack API, allows remote ...
CVE-2011-4596Multiple directory traversal vulnerabilities in OpenStack Nova before ...
CVE-2011-4076

Search for package or bug name: Reporting problems