Information on source package nova

Available versions

ReleaseVersion
jessie2014.1.3-11
stretch (security)2:14.0.0-4+deb9u1
buster2:18.1.0-6
sid2:19.0.2-4

Open issues

BugjessiestretchbustersidDescription
CVE-2019-14433vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedAn issue was discovered in OpenStack Nova before 17.0.12, 18.x before ...
CVE-2017-18191vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x ...
CVE-2016-2140vulnerable (no DSA)fixedfixedfixedThe libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) ...
CVE-2015-8749vulnerable (no DSA)fixedfixedfixedThe volume_utils._parse_volume_info function in OpenStack Compute (Nov ...
CVE-2015-7713vulnerable (no DSA)fixedfixedfixedOpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...
CVE-2015-7548vulnerable (no DSA)fixedfixedfixedOpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0 ...
CVE-2015-5162vulnerable (no DSA)fixedfixedfixedThe image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Gl ...
CVE-2015-3280vulnerable (no DSA)fixedfixedfixedOpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...
CVE-2015-3241vulnerable (no DSA)fixedfixedfixedOpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlie ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2015-1850vulnerablevulnerablevulnerablevulnerableHost file disclosure through qcow2 backing file
CVE-2013-0326vulnerablevulnerablevulnerablevulnerable_base images permissions world readable

Resolved issues

BugDescription
CVE-2017-7214An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x ...
CVE-2017-17051An issue was discovered in the default FilterScheduler in OpenStack No ...
CVE-2017-16239In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x throug ...
CVE-2016-7498OpenStack Compute (nova) 13.0.0 does not properly delete instances fro ...
CVE-2015-2687OpenStack Compute (nova) Icehouse, Juno and Havana when live migration ...
CVE-2015-0259OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, an ...
CVE-2014-8750Race condition in the VMware driver in OpenStack Compute (Nova) before ...
CVE-2014-8333The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows r ...
CVE-2014-7230The processutils.execute function in OpenStack oslo-incubator, Cinder, ...
CVE-2014-3708OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...
CVE-2014-3608The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows r ...
CVE-2014-3517api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2 ...
CVE-2014-2573The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 ...
CVE-2014-0167The Nova EC2 API security group implementation in OpenStack Compute (N ...
CVE-2014-0134The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 201 ...
CVE-2013-7130The i_create_images_and_backing (aka create_images_and_backing) method ...
CVE-2013-7048OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlie ...
CVE-2013-6491The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo bef ...
CVE-2013-6437The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and ice ...
CVE-2013-6419Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 ...
CVE-2013-4497The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Ha ...
CVE-2013-4469OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_ima ...
CVE-2013-4463OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly ...
CVE-2013-4278The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizz ...
CVE-2013-4261OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apac ...
CVE-2013-4185Algorithmic complexity vulnerability in OpenStack Compute (Nova) befor ...
CVE-2013-4179The security group extension in OpenStack Compute (Nova) Grizzly 2013. ...
CVE-2013-2256OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 do ...
CVE-2013-2096OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify t ...
CVE-2013-2030keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, a ...
CVE-2013-1838OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...
CVE-2013-1664The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...
CVE-2013-1068The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2. ...
CVE-2013-0335OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...
CVE-2013-0208The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Es ...
CVE-2012-5625OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when usin ...
CVE-2012-3447virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 ...
CVE-2012-3371The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Ess ...
CVE-2012-3361virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2 ...
CVE-2012-3360Directory traversal vulnerability in virt/disk/api.py in OpenStack Com ...
CVE-2012-2654The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2 ...
CVE-2012-2101Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the ...
CVE-2012-1585OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticat ...
CVE-2012-0030Nova 2011.3 and Essex, when using the OpenStack API, allows remote aut ...
CVE-2011-4596Multiple directory traversal vulnerabilities in OpenStack Nova before ...
CVE-2011-4076
CVE-2011-3147Versions of nova before 2012.1 could expose hypervisor host files to a ...

Security announcements

DSA / DLADescription
DSA-4056-1nova - security update

Search for package or bug name: Reporting problems