Safety vulnerability ID: 72371
The information on this page was manually curated by our Cybersecurity Intelligence Team.
In OpenStack Nova affected versions, by supplying a raw format image that is a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
Latest version: 30.0.0
Cloud computing fabric controller
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application