Known Vulnerabilities for Compute by Openstack

Listed below are 10 of the newest known vulnerabilities associated with "Compute" by "Openstack".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2015-2687 OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that the... 4.7 - MEDIUM 2017-08-09 2017-08-24
CVE-2014-2573 The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which all... 2.3 - LOW 2014-03-25 2014-03-26
CVE-2014-0167 The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehous... 6 - MEDIUM 2014-04-15 2023-02-13
CVE-2014-0134 The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to... 3.5 - LOW 2014-05-08 2014-06-21
CVE-2013-7130 The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly,... 7.1 - HIGH 2014-02-06 2017-08-29
CVE-2013-4278 The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-... 3.5 - LOW 2013-09-16 2023-11-07
CVE-2013-4185 Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly... 4 - MEDIUM 2013-10-29 2018-11-15
CVE-2013-4179 The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote ... 4.3 - MEDIUM 2013-09-16 2023-11-07
CVE-2013-2255 HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to valid... 5.9 - MEDIUM 2019-11-01 2019-11-07
CVE-2013-2030 keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for stor... 2.1 - LOW 2013-12-27 2014-05-05
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationOpenstackCompute2015.1.3AllAllAll
ApplicationOpenstackCompute2015.1.2AllAllAll
ApplicationOpenstackCompute2014.2.2AllAllAll
ApplicationOpenstackCompute2014.2.1AllAllAll
ApplicationOpenstackCompute2013.2.3AllAllAll
ApplicationOpenstackCompute2013.2.2AllAllAll
ApplicationOpenstackCompute2013.2.1AllAllAll
ApplicationOpenstackCompute2013.2AllAllAll
ApplicationOpenstackCompute2013.1.3AllAllAll
ApplicationOpenstackCompute2013.1.2AllAllAll
ApplicationOpenstackCompute2013.1.1AllAllAll
ApplicationOpenstackCompute2013.1AllAllAll
ApplicationOpenstackCompute2012.2AllAllAll
ApplicationOpenstackCompute12.0.2AllAllAll
ApplicationOpenstackCompute12.0.1AllAllAll
ApplicationOpenstackCompute12.0.0AllAllAll
ApplicationOpenstackCompute-AllAllAll
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report