MEDIUM PyPI
GHSA-j6xh-q826-55jw · CVE-2013-4179 OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack
Modified: 11/28/2024
package
PyPI / nova
pkg:pypi/nova
MEDIUM 6.5 PyPI
GHSA-jv34-xvjq-ppch · CVE-2014-2573, PYSEC-2014-113 OpenStack Nova VMWare driver leaks rescued images
Modified: 11/26/2024
MEDIUM PyPI
GHSA-m454-cm7h-rqhh · CVE-2012-3360 OpenStack Nova Directory traversal vulnerability
Modified: 11/22/2024
HIGH 8.2 PyPI
GHSA-m4f3-qp2w-gwh6 · CVE-2026-24708 OpenStack Nova calls qemu-img without format restrictions for resize
Modified: 2/21/2026
MEDIUM PyPI
GHSA-m674-hmx2-ffhq · CVE-2013-2096 OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image
Modified: 4/12/2025
MEDIUM PyPI
GHSA-mfmj-gwg3-vhw7 · CVE-2015-3280 OpenStack Compute (nova) allows remote authenticated users to cause a denial of service
Modified: 12/8/2024
MEDIUM PyPI
GHSA-p258-xmh3-72pv · CVE-2014-0167 OpenStack Compute (Nova) allows remote authenticated users to gain privileges via API requests
Modified: 4/13/2025
MEDIUM 6.5 PyPI
GHSA-pg64-r7rr-phv8 · CVE-2019-14433, PYSEC-2019-191 OpenStack Nova Server Resource Faults Leak External Exception Details
Modified: 10/7/2024
MEDIUM PyPI
GHSA-ph2h-hh49-vh27 · CVE-2013-4185 OpenStack Nova Denial of Service in network source security groups
Modified: 5/19/2024
MEDIUM PyPI
GHSA-pjvw-p2v5-wf6q · CVE-2012-1585 OpenStack Nova Long server names grow nova-api log files significantly
Modified: 5/19/2024
MEDIUM 6.5 PyPI
GHSA-qfp8-hfqx-c79c · CVE-2013-0335, PYSEC-2013-43 OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM
Modified: 11/26/2024
MEDIUM PyPI
GHSA-qr62-r9xc-r2gj · CVE-2011-4596 OpenStack Nova Multiple directory traversal vulnerabilities
Modified: 5/19/2024
MEDIUM 6.5 PyPI
GHSA-r4v4-w9pv-6fph · CVE-2024-32498 OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access
Modified: 11/4/2025
MEDIUM 6.5 PyPI
GHSA-rm86-h44c-2r2m · CVE-2024-40767 OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
Modified: 11/4/2025
MEDIUM PyPI
GHSA-rwhr-h69g-8qmq · CVE-2012-5625, PYSEC-2012-42 OpenStack Nova Information leak in libvirt LVM-backed instances
Modified: 5/19/2026
LOW 3.3 PyPI
GHSA-v725-c588-h936 · CVE-2022-37394 OpenStack Nova Changing vnic_type breaks compute service restart
Modified: 11/28/2024
MEDIUM 5.9 PyPI
GHSA-vcmv-6rxx-fh7r · CVE-2011-4076 OpenStack Nova Exposure of Sensitive Information to an Unauthorized Actor
Modified: 5/8/2024
HIGH 8.6 PyPI
GHSA-vq76-rxx3-4r4r · CVE-2017-17051 OpenStack Nova DoS by rebuilding the same instance with a new image multiple times
Modified: 5/19/2024
MEDIUM 6.1 PyPI
GHSA-vqp6-j452-j6wp · CVE-2021-3654 Open Redirect in CPython that affects users of OpenStack Nova
Modified: 11/8/2023
MEDIUM 6.5 PyPI
GHSA-w2wf-cgwh-vpqg · CVE-2017-16239 OpenStack Nova Filter Scheduler Bypass
Modified: 5/19/2024
LOW 3.1 PyPI
GHSA-w429-xc55-hc48 · CVE-2014-0134, PYSEC-2014-112 OpenStack Nova host data leak to vm instance in rescue mode
Modified: 11/26/2024
MEDIUM PyPI
GHSA-x8xr-rm9r-7mvf · CVE-2015-0259 OpenStack Compute (Nova) has Insufficient Verification of Data Authenticity
Modified: 12/8/2024
MEDIUM 6.5 PyPI
GHSA-xc4g-7vw8-924h · CVE-2012-3447, PYSEC-2012-21 Arbitrary file overwrite in OpenStack Nova
Modified: 10/1/2024
MEDIUM PyPI
GHSA-xjmj-p278-4jp5 · CVE-2014-3517 OpenStack Compute (Nova) Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Modified: 12/8/2024
LOW PyPI
GHSA-xxgm-qpj5-4886 · CVE-2012-3371 OpenStack Nova Scheduler denial of service through scheduler_hints
Modified: 11/22/2024
— PyPI
PYSEC-2012-21 · CVE-2012-3447, GHSA-xc4g-7vw8-924h Modified: 10/9/2025
— PyPI
PYSEC-2012-42 · CVE-2012-5625, GHSA-rwhr-h69g-8qmq Modified: 5/19/2026
— PyPI
PYSEC-2013-43 · CVE-2013-0335, GHSA-qfp8-hfqx-c79c Modified: 11/25/2024
— PyPI
PYSEC-2013-44 · CVE-2013-1838, GHSA-63fq-8fp9-vhwq Modified: 11/25/2024
— PyPI
PYSEC-2014-111 · CVE-2013-7130, GHSA-99rx-9x8v-9j8p Modified: 11/25/2024
— PyPI
PYSEC-2014-112 · CVE-2014-0134, GHSA-w429-xc55-hc48 Modified: 11/25/2024
— PyPI
PYSEC-2014-113 · CVE-2014-2573, GHSA-jv34-xvjq-ppch Modified: 11/25/2024
MEDIUM 4.7 PyPI
PYSEC-2017-145 · CVE-2015-2687, GHSA-97fv-22hc-mrgj Modified: 11/25/2024
— PyPI
PYSEC-2019-191 · CVE-2019-14433, GHSA-pg64-r7rr-phv8 Modified: 4/29/2024
— PyPI
PYSEC-2020-243 · CVE-2020-17376, GHSA-c7w7-9c85-4qxv Modified: 4/29/2024
LOW 3.3 PyPI
GHSA-22jm-4hxw-35jf · CVE-2015-9543 OpenStack Nova can leak consoleauth token into log files
Modified: 5/9/2024
MEDIUM PyPI
GHSA-22w9-j288-8p9w · CVE-2013-6419 OpenStack Nova Router metadata queries are not restricted by tenant
Modified: 5/19/2024
MEDIUM PyPI
GHSA-27q4-38qf-m25h · CVE-2013-4497 OpenStack Compute Nova Improper Access Control
Modified: 5/19/2024
LOW PyPI
GHSA-2w87-5qcj-j6gx · CVE-2013-4469 OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
Modified: 5/19/2024
MEDIUM PyPI
GHSA-3vx7-xff6-h2vx · CVE-2015-3241 OpenStack Nova instance migration process does not stop when instance is deleted
Modified: 11/28/2024
LOW PyPI
GHSA-43cm-73px-5v4m · CVE-2013-4278 OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
Modified: 5/19/2024
MEDIUM PyPI
GHSA-43hc-pwvx-pmfg · CVE-2014-3708 OpenStack Compute (Nova) Denial of Service vulnerability
Modified: 12/8/2024
MEDIUM PyPI
GHSA-46r8-9cj7-pw6g · CVE-2012-2654 OpenStack Compute (Nova) Improper Input Validation
Modified: 11/22/2024
MEDIUM 5.3 PyPI
GHSA-49jv-37hm-6gfp · CVE-2016-2140 OpenStack Nova host data access through resize/migration
Modified: 5/19/2024
LOW PyPI
GHSA-5644-2v3h-5w4x · CVE-2013-4463 OpenStack Nova denial of service through compressed disk images
Modified: 5/19/2024
MEDIUM PyPI
GHSA-5mj6-643f-2g85 · CVE-2013-2256 OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
Modified: 12/8/2024
MEDIUM 6.5 PyPI
GHSA-63fq-8fp9-vhwq · CVE-2013-1838, PYSEC-2013-44 OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function
Modified: 11/26/2024
MEDIUM PyPI
GHSA-67rh-9p29-vrxr · CVE-2015-7713 OpenStack Compute (Nova) allows remote attackers to bypass intended restriction
Modified: 12/8/2024
MEDIUM 5.7 PyPI
GHSA-7h75-hwxx-qpgc · CVE-2022-47951 OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
Modified: 4/1/2025
MEDIUM PyPI
GHSA-92hc-c226-32q7 · CVE-2014-3608 OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
Modified: 12/8/2024
MEDIUM 4.7 PyPI
GHSA-97fv-22hc-mrgj · CVE-2015-2687, PYSEC-2017-145 OpenStack Compute (Nova) Improper Access Control
Modified: 11/26/2024
HIGH 7.5 PyPI
GHSA-99rx-9x8v-9j8p · CVE-2013-7130, PYSEC-2014-111 OpenStack Nova Live migration can leak root disk into ephemeral storage
Modified: 11/26/2024
MEDIUM 5.9 PyPI
GHSA-c36r-g737-9qp8 · CVE-2015-8749 OpenStack Nova Potential Xen connection password leak via StorageError
Modified: 5/19/2024
HIGH 8.3 PyPI
GHSA-c7w7-9c85-4qxv · CVE-2020-17376, PYSEC-2020-243 OpenStack Nova Live migration fails to update persistent domain XML
Modified: 9/26/2024
MEDIUM PyPI
GHSA-cm54-3vvf-f5p8 · CVE-2012-3361 OpenStack Nova Arbitrary file injection/corruption through directory traversal issues
Modified: 11/22/2024
CRITICAL 9.8 PyPI
GHSA-f4g4-cj8f-3cr9 · CVE-2017-7214 OpenStack Nova logs sensitive context from notification exceptions
Modified: 5/19/2024
HIGH 7.5 PyPI
GHSA-ffmh-r67w-m88f · CVE-2017-18191 OpenStack Nova Denial of service attack on the compute host
Modified: 5/19/2024
HIGH 7.5 PyPI
GHSA-g2j5-7vgx-6xrx · CVE-2015-5162 OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
Modified: 11/8/2023
MEDIUM PyPI
GHSA-g63p-mfcm-54c4 · CVE-2014-8333 OpenStack Nova VMware instance leak potentially leading to compute DoS
Modified: 5/19/2024
LOW PyPI
GHSA-grp5-h379-j75x · CVE-2013-7048 OpenStack Nova live snapshots use an insecure local directory
Modified: 5/19/2024
LOW PyPI
GHSA-hq3f-9gf7-73r8 · CVE-2012-2101 Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules
Modified: 11/22/2024
LOW 2.8 PyPI
GHSA-hqfx-4x4w-vmwp · CVE-2011-3147 Openstack nova qcow format could expose host filesystem information
Modified: 5/9/2024
MEDIUM PyPI
GHSA-hrv9-4x4c-9jc8 · CVE-2013-6437 OpenStack Nova DoS through ephemeral disk backing files
Modified: 5/19/2024