Known Vulnerabilities for Nova by Openstack
Listed below are 10 of the newest known vulnerabilities associated with "Nova" by "Openstack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-31819 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixelgrade Nova Blocks ... | Not Provided | 2025-04-01 | 2026-04-01 |
| CVE-2025-24612 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ihor Kit Shipping for N... | Not Provided | 2025-01-27 | 2026-04-01 |
| CVE-2021-3654 | A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redir... | 6.1 - MEDIUM | 2022-03-02 | 2023-05-03 |
| CVE-2020-17376 | An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21... | 8.3 - HIGH | 2020-08-26 | 2020-09-14 |
| CVE-2019-14433 | An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from ... | 6.5 - MEDIUM | 2019-08-09 | 2022-10-27 |
| CVE-2017-18191 | An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encryp... | 7.5 - HIGH | 2018-02-19 | 2019-10-03 |
| CVE-2017-17051 | An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with ne... | 8.6 - HIGH | 2017-12-05 | 2019-10-03 |
| CVE-2017-16239 | In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated u... | 6.5 - MEDIUM | 2017-11-14 | 2019-10-03 |
| CVE-2017-7214 | An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through ... | 9.8 - CRITICAL | 2017-03-21 | 2018-01-05 |
| CVE-2016-2140 | The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw stor... | 5.3 - MEDIUM | 2016-04-12 | 2023-02-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openstack | Nova | 2015.1.4 | All | All | All |
| Application | Openstack | Nova | 2015.1.3 | All | All | All |
| Application | Openstack | Nova | 2015.1.2 | All | All | All |
| Application | Openstack | Nova | 2015.1.1 | All | All | All |
| Application | Openstack | Nova | 2015.1.0 | All | All | All |
| Application | Openstack | Nova | 2015.1.0 | beta1 | All | All |
| Application | Openstack | Nova | 2015.1.0 | beta2 | All | All |
| Application | Openstack | Nova | 2015.1.0 | beta3 | All | All |
| Application | Openstack | Nova | 2015.1.0 | milestone1 | All | All |
| Application | Openstack | Nova | 2015.1.0 | milestone2 | All | All |
| Application | Openstack | Nova | 2015.1.0 | milestone3 | All | All |
| Application | Openstack | Nova | 2015.1.0 | rc1 | All | All |
| Application | Openstack | Nova | 2015.1.0 | rc2 | All | All |
| Application | Openstack | Nova | 2015.1.0 | rc3 | All | All |
| Application | Openstack | Nova | 2014.2.4 | All | All | All |
| Application | Openstack | Nova | 2014.2.3 | All | All | All |
| Application | Openstack | Nova | 2014.2.2 | All | All | All |
| Application | Openstack | Nova | 2014.2.1 | All | All | All |
| Application | Openstack | Nova | 2014.2.0 | beta1 | All | All |
| Application | Openstack | Nova | 2014.2.0 | beta2 | All | All |