LOW 2.8
PYSEC-2026-690
Openstack nova qcow format could expose host filesystem information
Details
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2011-3147 [ADVISORY]
- https://github.com/openstack/nova/commit/ff9d353b2f4fee469e530fbc8dc231a41f6fed84 [WEB]
- https://bugs.launchpad.net/nova/+bug/853330 [WEB]
- http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604 [WEB]
- https://pypi.org/project/nova [PACKAGE]
- https://github.com/advisories/GHSA-hqfx-4x4w-vmwp [ADVISORY]