Moderate severityNVD Advisory· Published Dec 23, 2011· Updated Jun 16, 2026
CVE-2011-4596
CVE-2011-4596
Description
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
novaPyPI | < 12.0.0a0 | 12.0.0a0 |
Affected products
2Patches
Vulnerability mechanics
References
7- bugs.launchpad.net/nova/+bug/885167nvdThird Party AdvisoryWEB
- bugs.launchpad.net/nova/+bug/894755nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-qr62-r9xc-r2gjghsaADVISORY
- github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6nvdThird Party AdvisoryWEB
- github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667envdThird Party AdvisoryWEB
- lists.launchpad.net/openstack/msg06105.htmlnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2011-4596ghsaADVISORY
News mentions
0No linked articles in our index yet.