High severityNVD Advisory· Published Aug 9, 2019· Updated Aug 5, 2024
CVE-2019-14433
CVE-2019-14433
Description
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
novaPyPI | < 17.0.12 | 17.0.12 |
novaPyPI | >= 18.0.0, < 18.2.2 | 18.2.2 |
novaPyPI | >= 19.0.0, < 19.0.2 | 19.0.2 |
Affected products
2- OpenStack/Novadescription
Patches
Vulnerability mechanics
References
13- access.redhat.com/errata/RHSA-2019:2622ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2019:2631ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2019:2652ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-pg64-r7rr-phv8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-14433ghsaADVISORY
- usn.ubuntu.com/4104-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.openwall.com/lists/oss-security/2019/08/06/6ghsamailing-listx_refsource_MLISTWEB
- github.com/openstack/nova/commit/298b337a16c0d10916b4431c436d19b3d6f5360eghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2019-191.yamlghsaWEB
- launchpad.net/bugs/1837877ghsax_refsource_MISCWEB
- lists.debian.org/debian-lts-announce/2022/09/msg00018.htmlghsamailing-listx_refsource_MLISTWEB
- security.openstack.org/ossa/OSSA-2019-003.htmlghsax_refsource_CONFIRMWEB
- usn.ubuntu.com/4104-1ghsaWEB
News mentions
0No linked articles in our index yet.