Safety vulnerability ID: 45513
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Nova 24.0.0 includes a fix for CVE-2021-3654: A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
https://github.com/openstack/nova/commit/781612b33282ed298f742c85dab58a075c8b793e
Latest version: 30.0.0
Cloud computing fabric controller
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. See CVE-2021-3654.
MISC:https://bugs.launchpad.net/nova/+bug/1927677: https://bugs.launchpad.net/nova/+bug/1927677
MISC:https://bugs.python.org/issue32084: https://bugs.python.org/issue32084
MISC:https://bugzilla.redhat.com/show_bug.cgi?id=1961439: https://bugzilla.redhat.com/show_bug.cgi?id=1961439
MISC:https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66: https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66
MISC:https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb: https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb
MISC:https://security.openstack.org/ossa/OSSA-2021-002.html: https://security.openstack.org/ossa/OSSA-2021-002.html
MISC:https://www.openwall.com/lists/oss-security/2021/07/29/2: https://www.openwall.com/lists/oss-security/2021/07/29/2
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application