CVE-2011-4596: OpenStack Nova Multiple directory traversal vulnerabilities
6
CVSS Score
Basic Information
CVE ID
GHSA ID
EPSS Score
0.76017%
CWE
Published
5/14/2022
Updated
5/14/2024
KEV Status
No
Technology
Python
Technical Details
CVSS Vector
AV:N/AC:M/Au:S/C:P/I:P/A:P
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
nova | pip | < 12.0.0a0 | 12.0.0a0 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from two key functions:
- _download_file used os.path.join(local_dir, filename) without sanitizing 'filename', allowing path traversal (fixed by adding os.path.basename()).
- _untarzip_image used tarfile.extractall() without validating tar entry names (fixed by adding _test_for_malicious_tarball check). Both issues are directly addressed in the patch and confirmed by CVE descriptions/bug reports (LP#885167, LP#894755).