CVE-2021-3654

Опубликовано: 02 мар. 2022

Источник: debian

EPSS Высокий

Описание

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

Пакет	Статус	Версия исправления	Релиз	Тип
nova	fixed	2:23.0.2-3		package
nova	no-dsa		bullseye	package
nova	no-dsa		buster	package
nova	no-dsa		stretch	package

EPSS

Процентиль: 99%

0.87982

Высокий

CVE-2021-3654

CVSS3: 6.1

ubuntu

почти 4 года назад

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

CVE-2021-3654

CVSS3: 5.7

redhat

больше 4 лет назад

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

CVE-2021-3654

CVSS3: 6.1

nvd

почти 4 года назад

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

GHSA-vqp6-j452-j6wp

CVSS3: 6.1

github

почти 4 года назад

Open Redirect in CPython that affects users of OpenStack Nova

EPSS

Процентиль: 99%

0.87982

Высокий