Information on source package nova

Available versions

ReleaseVersion
jessie2014.1.3-11
stretch2:14.0.0-4+deb9u1
buster2:18.1.0-6+deb10u2
bullseye2:22.0.1-2+deb11u1
bullseye (security)2:22.4.0-1~deb11u5
bookworm2:26.2.2-1~deb12u3
trixie2:30.0.0-1
sid2:30.0.0-3

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-32498vulnerablevulnerablevulnerablefixedfixedfixedfixedAn issue was discovered in OpenStack Cinder through 24.0.0, Glance bef ...
CVE-2023-2088vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA flaw was found in OpenStack due to an inconsistency between Cinder a ...
CVE-2022-47951vulnerablevulnerablefixedfixedfixedfixedfixedAn issue was discovered in OpenStack Cinder before 19.1.2, 20.x before ...
CVE-2022-37394vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in OpenStack Nova before 23.2.2, 24.x before 2 ...
CVE-2021-3654vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA vulnerability was found in openstack-nova's console proxy, noVNC. By ...
CVE-2020-17376vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in Guest.migrate in virt/libvirt/guest.py in O ...
CVE-2019-14433vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedfixedAn issue was discovered in OpenStack Nova before 17.0.12, 18.x before ...
CVE-2017-18191vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedfixedAn issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x ...
CVE-2016-2140vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) ...
CVE-2015-9543vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in OpenStack Nova before 18.2.4, 19.x before 1 ...
CVE-2015-8749vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe volume_utils._parse_volume_info function in OpenStack Compute (Nov ...
CVE-2015-7713vulnerable (no DSA)fixedfixedfixedfixedfixedfixedOpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...
CVE-2015-7548vulnerable (no DSA)fixedfixedfixedfixedfixedfixedOpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0 ...
CVE-2015-5162vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Gl ...
CVE-2015-3280vulnerable (no DSA)fixedfixedfixedfixedfixedfixedOpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...
CVE-2015-3241vulnerable (no DSA)fixedfixedfixedfixedfixedfixedOpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlie ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2013-0326vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableOpenStack nova base images permissions are world readable

Resolved issues

BugDescription
CVE-2024-40767In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1. ...
CVE-2017-17051An issue was discovered in the default FilterScheduler in OpenStack No ...
CVE-2017-16239In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x throug ...
CVE-2017-7214An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x ...
CVE-2016-7498OpenStack Compute (nova) 13.0.0 does not properly delete instances fro ...
CVE-2015-2687OpenStack Compute (nova) Icehouse, Juno and Havana when live migration ...
CVE-2015-0259OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, an ...
CVE-2014-8750Race condition in the VMware driver in OpenStack Compute (Nova) before ...
CVE-2014-8333The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows r ...
CVE-2014-7230The processutils.execute function in OpenStack oslo-incubator, Cinder, ...
CVE-2014-3708OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...
CVE-2014-3608The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows r ...
CVE-2014-3517api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2 ...
CVE-2014-2573The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 ...
CVE-2014-0167The Nova EC2 API security group implementation in OpenStack Compute (N ...
CVE-2014-0134The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 201 ...
CVE-2013-7130The i_create_images_and_backing (aka create_images_and_backing) method ...
CVE-2013-7048OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlie ...
CVE-2013-6491The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo bef ...
CVE-2013-6437The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and ice ...
CVE-2013-6419Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 ...
CVE-2013-4497The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Ha ...
CVE-2013-4469OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_ima ...
CVE-2013-4463OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly ...
CVE-2013-4278The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizz ...
CVE-2013-4261OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apac ...
CVE-2013-4185Algorithmic complexity vulnerability in OpenStack Compute (Nova) befor ...
CVE-2013-4179The security group extension in OpenStack Compute (Nova) Grizzly 2013. ...
CVE-2013-2256OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 do ...
CVE-2013-2096OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify t ...
CVE-2013-2030keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, a ...
CVE-2013-1838OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...
CVE-2013-1664The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...
CVE-2013-1068The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2. ...
CVE-2013-0335OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...
CVE-2013-0208The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Es ...
CVE-2012-5625OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when usin ...
CVE-2012-3447virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 ...
CVE-2012-3371The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Ess ...
CVE-2012-3361virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2 ...
CVE-2012-3360Directory traversal vulnerability in virt/disk/api.py in OpenStack Com ...
CVE-2012-2654The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2 ...
CVE-2012-2101Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the ...
CVE-2012-1585OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticat ...
CVE-2012-0030Nova 2011.3 and Essex, when using the OpenStack API, allows remote aut ...
CVE-2011-4596Multiple directory traversal vulnerabilities in OpenStack Nova before ...
CVE-2011-4076OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCE ...
CVE-2011-3147Versions of nova before 2012.1 could expose hypervisor host files to a ...

Security announcements

DSA / DLADescription
DLA-3873-1nova - security update
DSA-5756-1nova - security update
DSA-5337-1nova - security update
DLA-3302-1nova - security update
DLA-3109-1nova - security update
DSA-4056-1nova - security update

Search for package or bug name: Reporting problems