CVE-2019-14433 – nova

Package

Manager: pip
Name: nova
Vulnerable Version: >=0 <17.0.12 || >=18.0.0 <18.2.2 || >=19.0.0 <19.0.2

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00588 pctl0.68201

Details

OpenStack Nova Server Resource Faults Leak External Exception Details An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.

Metadata

Created: 2022-05-24T16:53:02Z
Modified: 2024-10-07T15:10:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-pg64-r7rr-phv8/GHSA-pg64-r7rr-phv8.json
CWE IDs: ["CWE-200", "CWE-209"]
Alternative ID: GHSA-pg64-r7rr-phv8
Finding: F037
Auto approve: 1