MEDIUM 6.5 PyPI
OpenStack Nova Server Resource Faults Leak External Exception Details
GHSA-pg64-r7rr-phv8 · CVE-2019-14433 · PYSEC-2019-191
Published · Modified
Description
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-14433
- WEB https://github.com/openstack/nova/commit/298b337a16c0d10916b4431c436d19b3d6f5360e
- WEB https://access.redhat.com/errata/RHSA-2019:2622
- WEB https://access.redhat.com/errata/RHSA-2019:2631
- WEB https://access.redhat.com/errata/RHSA-2019:2652
- PACKAGE https://github.com/openstack/nova
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2019-191.yaml
- WEB https://launchpad.net/bugs/1837877
- WEB https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html
- WEB https://security.openstack.org/ossa/OSSA-2019-003.html
- WEB https://usn.ubuntu.com/4104-1
- WEB http://www.openwall.com/lists/oss-security/2019/08/06/6
Ready to move
Start Securing
Free, no credit card | First findings in minutes