Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/cinder@2014.1.3-11%2Bdeb8u1
Typedeb
Namespacedebian
Namecinder
Version2014.1.3-11+deb8u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2:21.3.1-1~deb12u1
Latest_non_vulnerable_version2:21.3.1-1~deb12u1
Affected_by_vulnerabilities
0
url VCID-7uus-f9pq-qkb5
vulnerability_id VCID-7uus-f9pq-qkb5
summary An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack project
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10755.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10755.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10755
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.40016
published_at 2026-04-18T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.40045
published_at 2026-04-16T12:55:00Z
2
value 0.00315
scoring_system epss
scoring_elements 0.54597
published_at 2026-04-07T12:55:00Z
3
value 0.00315
scoring_system epss
scoring_elements 0.54649
published_at 2026-04-08T12:55:00Z
4
value 0.00315
scoring_system epss
scoring_elements 0.54644
published_at 2026-04-09T12:55:00Z
5
value 0.00315
scoring_system epss
scoring_elements 0.54639
published_at 2026-04-12T12:55:00Z
6
value 0.00315
scoring_system epss
scoring_elements 0.54605
published_at 2026-04-02T12:55:00Z
7
value 0.00315
scoring_system epss
scoring_elements 0.54535
published_at 2026-04-01T12:55:00Z
8
value 0.00315
scoring_system epss
scoring_elements 0.54629
published_at 2026-04-04T12:55:00Z
9
value 0.00315
scoring_system epss
scoring_elements 0.54656
published_at 2026-04-11T12:55:00Z
10
value 0.00315
scoring_system epss
scoring_elements 0.54618
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10755
2
reference_url https://bugs.launchpad.net/cinder/+bug/1823200
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/cinder/+bug/1823200
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10755
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10755
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10755
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10755
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/openstack/cinder/commit/ba785eef5f515b869c0d68016e84bb74f76ab45e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/ba785eef5f515b869c0d68016e84bb74f76ab45e
7
reference_url https://github.com/openstack/os-brick/commit/4047948f1ac8055a025972ad73ec3ec421450775
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/os-brick/commit/4047948f1ac8055a025972ad73ec3ec421450775
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2020-228.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2020-228.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10755
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10755
10
reference_url https://usn.ubuntu.com/4420-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4420-1
11
reference_url https://usn.ubuntu.com/4420-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4420-1/
12
reference_url https://wiki.openstack.org/wiki/OSSN/OSSN-0086
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.openstack.org/wiki/OSSN/OSSN-0086
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1842748
reference_id 1842748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1842748
14
reference_url https://github.com/advisories/GHSA-v3m2-pg96-w33m
reference_id GHSA-v3m2-pg96-w33m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v3m2-pg96-w33m
15
reference_url https://access.redhat.com/errata/RHSA-2020:4283
reference_id RHSA-2020:4283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4283
16
reference_url https://access.redhat.com/errata/RHSA-2020:4391
reference_id RHSA-2020:4391
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4391
fixed_packages
0
url pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1
purl pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h6rd-5p7q-s3gq
1
vulnerability VCID-hd9e-1msb-uqa6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1
aliases CVE-2020-10755, GHSA-v3m2-pg96-w33m, PYSEC-2020-228
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7uus-f9pq-qkb5
1
url VCID-br4q-499g-vqhg
vulnerability_id VCID-br4q-499g-vqhg
summary 
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-47951
reference_id
reference_type
scores
0
value 0.00731
scoring_system epss
scoring_elements 0.72732
published_at 2026-04-18T12:55:00Z
1
value 0.00731
scoring_system epss
scoring_elements 0.72721
published_at 2026-04-16T12:55:00Z
2
value 0.00731
scoring_system epss
scoring_elements 0.72679
published_at 2026-04-13T12:55:00Z
3
value 0.00731
scoring_system epss
scoring_elements 0.72689
published_at 2026-04-12T12:55:00Z
4
value 0.00731
scoring_system epss
scoring_elements 0.72706
published_at 2026-04-11T12:55:00Z
5
value 0.00731
scoring_system epss
scoring_elements 0.72682
published_at 2026-04-09T12:55:00Z
6
value 0.00731
scoring_system epss
scoring_elements 0.72669
published_at 2026-04-08T12:55:00Z
7
value 0.00731
scoring_system epss
scoring_elements 0.7263
published_at 2026-04-07T12:55:00Z
8
value 0.00731
scoring_system epss
scoring_elements 0.72653
published_at 2026-04-04T12:55:00Z
9
value 0.00731
scoring_system epss
scoring_elements 0.72635
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-47951
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47951
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47951
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://launchpad.net/bugs/1996188
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://launchpad.net/bugs/1996188
5
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html
6
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html
7
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html
8
reference_url https://security.openstack.org/ossa/OSSA-2023-002.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://security.openstack.org/ossa/OSSA-2023-002.html
9
reference_url https://www.debian.org/security/2023/dsa-5336
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5336
10
reference_url https://www.debian.org/security/2023/dsa-5337
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5337
11
reference_url https://www.debian.org/security/2023/dsa-5338
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5338
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
reference_id 1029561
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
reference_id 1029562
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
reference_id 1029563
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2161812
reference_id 2161812
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2161812
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-47951
reference_id CVE-2022-47951
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-47951
17
reference_url https://github.com/advisories/GHSA-7h75-hwxx-qpgc
reference_id GHSA-7h75-hwxx-qpgc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7h75-hwxx-qpgc
18
reference_url https://access.redhat.com/errata/RHSA-2023:1015
reference_id RHSA-2023:1015
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1015
19
reference_url https://access.redhat.com/errata/RHSA-2023:1016
reference_id RHSA-2023:1016
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1016
20
reference_url https://access.redhat.com/errata/RHSA-2023:1017
reference_id RHSA-2023:1017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1017
21
reference_url https://access.redhat.com/errata/RHSA-2023:1278
reference_id RHSA-2023:1278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1278
22
reference_url https://access.redhat.com/errata/RHSA-2023:1279
reference_id RHSA-2023:1279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1279
23
reference_url https://access.redhat.com/errata/RHSA-2023:1280
reference_id RHSA-2023:1280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1280
24
reference_url https://usn.ubuntu.com/5835-1/
reference_id USN-5835-1
reference_type
scores
url https://usn.ubuntu.com/5835-1/
25
reference_url https://usn.ubuntu.com/5835-2/
reference_id USN-5835-2
reference_type
scores
url https://usn.ubuntu.com/5835-2/
26
reference_url https://usn.ubuntu.com/5835-3/
reference_id USN-5835-3
reference_type
scores
url https://usn.ubuntu.com/5835-3/
27
reference_url https://usn.ubuntu.com/5835-4/
reference_id USN-5835-4
reference_type
scores
url https://usn.ubuntu.com/5835-4/
28
reference_url https://usn.ubuntu.com/5835-5/
reference_id USN-5835-5
reference_type
scores
url https://usn.ubuntu.com/5835-5/
29
reference_url https://usn.ubuntu.com/6882-2/
reference_id USN-6882-2
reference_type
scores
url https://usn.ubuntu.com/6882-2/
fixed_packages
0
url pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1
purl pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h6rd-5p7q-s3gq
1
vulnerability VCID-hd9e-1msb-uqa6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1
aliases CVE-2022-47951, GHSA-7h75-hwxx-qpgc
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-br4q-499g-vqhg
2
url VCID-ggmm-svqw-bkhv
vulnerability_id VCID-ggmm-svqw-bkhv
summary 
OpenStack Cinder file disclosure in image convert
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1206.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1206.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1851
reference_id
reference_type
scores
0
value 0.00489
scoring_system epss
scoring_elements 0.65545
published_at 2026-04-16T12:55:00Z
1
value 0.00489
scoring_system epss
scoring_elements 0.65509
published_at 2026-04-13T12:55:00Z
2
value 0.00489
scoring_system epss
scoring_elements 0.65537
published_at 2026-04-12T12:55:00Z
3
value 0.00489
scoring_system epss
scoring_elements 0.65551
published_at 2026-04-11T12:55:00Z
4
value 0.00489
scoring_system epss
scoring_elements 0.65427
published_at 2026-04-01T12:55:00Z
5
value 0.00489
scoring_system epss
scoring_elements 0.65557
published_at 2026-04-18T12:55:00Z
6
value 0.00489
scoring_system epss
scoring_elements 0.65503
published_at 2026-04-04T12:55:00Z
7
value 0.00489
scoring_system epss
scoring_elements 0.65476
published_at 2026-04-02T12:55:00Z
8
value 0.00489
scoring_system epss
scoring_elements 0.65532
published_at 2026-04-09T12:55:00Z
9
value 0.00489
scoring_system epss
scoring_elements 0.65521
published_at 2026-04-08T12:55:00Z
10
value 0.00489
scoring_system epss
scoring_elements 0.65468
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1851
4
reference_url https://bugs.launchpad.net/cinder/+bug/1415087
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/cinder/+bug/1415087
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851
6
reference_url https://github.com/openstack/cinder
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder
7
reference_url https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213
8
reference_url https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978
9
reference_url https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61
10
reference_url https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1851
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-1851
12
reference_url http://www.debian.org/security/2015/dsa-3292
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3292
13
reference_url http://www.openwall.com/lists/oss-security/2015/06/13/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/13/1
14
reference_url http://www.openwall.com/lists/oss-security/2015/06/17/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/17/2
15
reference_url http://www.openwall.com/lists/oss-security/2015/06/17/7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/17/7
16
reference_url http://www.ubuntu.com/usn/USN-2703-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2703-1
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1231817
reference_id 1231817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1231817
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996
reference_id 788996
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996
19
reference_url https://github.com/advisories/GHSA-9hcj-h2qc-689p
reference_id GHSA-9hcj-h2qc-689p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9hcj-h2qc-689p
20
reference_url https://access.redhat.com/errata/RHSA-2015:1206
reference_id RHSA-2015:1206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1206
21
reference_url https://usn.ubuntu.com/2703-1/
reference_id USN-2703-1
reference_type
scores
url https://usn.ubuntu.com/2703-1/
fixed_packages
0
url pkg:deb/debian/cinder@2:8.0.0-4~bpo8%2B1
purl pkg:deb/debian/cinder@2:8.0.0-4~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7uus-f9pq-qkb5
1
vulnerability VCID-br4q-499g-vqhg
2
vulnerability VCID-h6rd-5p7q-s3gq
3
vulnerability VCID-hd9e-1msb-uqa6
4
vulnerability VCID-nyak-4rzf-9fhp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:8.0.0-4~bpo8%252B1
aliases CVE-2015-1851, GHSA-9hcj-h2qc-689p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ggmm-svqw-bkhv
3
url VCID-h6rd-5p7q-s3gq
vulnerability_id VCID-h6rd-5p7q-s3gq
summary 
OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32498
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38413
published_at 2026-04-16T12:55:00Z
1
value 0.00171
scoring_system epss
scoring_elements 0.38366
published_at 2026-04-13T12:55:00Z
2
value 0.00171
scoring_system epss
scoring_elements 0.38465
published_at 2026-04-02T12:55:00Z
3
value 0.00171
scoring_system epss
scoring_elements 0.38489
published_at 2026-04-04T12:55:00Z
4
value 0.00171
scoring_system epss
scoring_elements 0.38353
published_at 2026-04-07T12:55:00Z
5
value 0.00171
scoring_system epss
scoring_elements 0.38404
published_at 2026-04-08T12:55:00Z
6
value 0.00171
scoring_system epss
scoring_elements 0.38412
published_at 2026-04-09T12:55:00Z
7
value 0.00171
scoring_system epss
scoring_elements 0.38391
published_at 2026-04-12T12:55:00Z
8
value 0.00171
scoring_system epss
scoring_elements 0.38428
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32498
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498
3
reference_url https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e
4
reference_url https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40
5
reference_url https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9
6
reference_url https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175
7
reference_url https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973
8
reference_url https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f
9
reference_url https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df
10
reference_url https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927
11
reference_url https://launchpad.net/bugs/2059809
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://launchpad.net/bugs/2059809
12
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html
13
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32498
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32498
15
reference_url https://security.openstack.org/ossa/OSSA-2024-001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://security.openstack.org/ossa/OSSA-2024-001.html
16
reference_url https://www.openwall.com/lists/oss-security/2024/07/02/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://www.openwall.com/lists/oss-security/2024/07/02/2
17
reference_url http://www.openwall.com/lists/oss-security/2024/07/02/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url http://www.openwall.com/lists/oss-security/2024/07/02/2
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761
reference_id 1074761
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762
reference_id 1074762
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763
reference_id 1074763
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2278663
reference_id 2278663
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2278663
22
reference_url https://github.com/advisories/GHSA-r4v4-w9pv-6fph
reference_id GHSA-r4v4-w9pv-6fph
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r4v4-w9pv-6fph
23
reference_url https://access.redhat.com/errata/RHSA-2024:4272
reference_id RHSA-2024:4272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4272
24
reference_url https://access.redhat.com/errata/RHSA-2024:4273
reference_id RHSA-2024:4273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4273
25
reference_url https://access.redhat.com/errata/RHSA-2024:4274
reference_id RHSA-2024:4274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4274
26
reference_url https://access.redhat.com/errata/RHSA-2024:4425
reference_id RHSA-2024:4425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4425
27
reference_url https://usn.ubuntu.com/6882-1/
reference_id USN-6882-1
reference_type
scores
url https://usn.ubuntu.com/6882-1/
28
reference_url https://usn.ubuntu.com/6882-2/
reference_id USN-6882-2
reference_type
scores
url https://usn.ubuntu.com/6882-2/
29
reference_url https://usn.ubuntu.com/6883-1/
reference_id USN-6883-1
reference_type
scores
url https://usn.ubuntu.com/6883-1/
30
reference_url https://usn.ubuntu.com/6884-1/
reference_id USN-6884-1
reference_type
scores
url https://usn.ubuntu.com/6884-1/
fixed_packages
0
url pkg:deb/debian/cinder@2:21.3.1-1~deb12u1
purl pkg:deb/debian/cinder@2:21.3.1-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1
aliases CVE-2024-32498, GHSA-r4v4-w9pv-6fph
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6rd-5p7q-s3gq
4
url VCID-hd9e-1msb-uqa6
vulnerability_id VCID-hd9e-1msb-uqa6
summary openstack-cinder: silently access other user's volumes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2088.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2088.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-2088
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.32496
published_at 2026-04-02T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.32381
published_at 2026-04-18T12:55:00Z
2
value 0.00129
scoring_system epss
scoring_elements 0.32429
published_at 2026-04-09T12:55:00Z
3
value 0.00129
scoring_system epss
scoring_elements 0.32432
published_at 2026-04-11T12:55:00Z
4
value 0.00129
scoring_system epss
scoring_elements 0.32395
published_at 2026-04-12T12:55:00Z
5
value 0.00129
scoring_system epss
scoring_elements 0.32367
published_at 2026-04-13T12:55:00Z
6
value 0.00129
scoring_system epss
scoring_elements 0.32404
published_at 2026-04-16T12:55:00Z
7
value 0.00129
scoring_system epss
scoring_elements 0.3253
published_at 2026-04-04T12:55:00Z
8
value 0.00129
scoring_system epss
scoring_elements 0.32353
published_at 2026-04-07T12:55:00Z
9
value 0.00129
scoring_system epss
scoring_elements 0.32402
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-2088
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2088
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035932
reference_id 1035932
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035932
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035961
reference_id 1035961
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035961
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035962
reference_id 1035962
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035962
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035963
reference_id 1035963
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035963
8
reference_url https://bugs.launchpad.net/bugs/2004555
reference_id 2004555
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T15:40:54Z/
url https://bugs.launchpad.net/bugs/2004555
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179587
reference_id 2179587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179587
10
reference_url https://security.openstack.org/ossa/OSSA-2023-003.html
reference_id OSSA-2023-003.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T15:40:54Z/
url https://security.openstack.org/ossa/OSSA-2023-003.html
11
reference_url https://access.redhat.com/errata/RHSA-2023:3156
reference_id RHSA-2023:3156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3156
12
reference_url https://access.redhat.com/errata/RHSA-2023:3157
reference_id RHSA-2023:3157
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3157
13
reference_url https://access.redhat.com/errata/RHSA-2023:3158
reference_id RHSA-2023:3158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3158
14
reference_url https://access.redhat.com/errata/RHSA-2023:3161
reference_id RHSA-2023:3161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3161
15
reference_url https://usn.ubuntu.com/6073-1/
reference_id USN-6073-1
reference_type
scores
url https://usn.ubuntu.com/6073-1/
16
reference_url https://usn.ubuntu.com/6073-2/
reference_id USN-6073-2
reference_type
scores
url https://usn.ubuntu.com/6073-2/
17
reference_url https://usn.ubuntu.com/6073-3/
reference_id USN-6073-3
reference_type
scores
url https://usn.ubuntu.com/6073-3/
18
reference_url https://usn.ubuntu.com/6073-4/
reference_id USN-6073-4
reference_type
scores
url https://usn.ubuntu.com/6073-4/
19
reference_url https://usn.ubuntu.com/6241-1/
reference_id USN-6241-1
reference_type
scores
url https://usn.ubuntu.com/6241-1/
fixed_packages
0
url pkg:deb/debian/cinder@2:21.3.1-1~deb12u1
purl pkg:deb/debian/cinder@2:21.3.1-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1
aliases CVE-2023-2088
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hd9e-1msb-uqa6
5
url VCID-nyak-4rzf-9fhp
vulnerability_id VCID-nyak-4rzf-9fhp
summary openstack-cinder: Data retained after deletion of a ScaleIO volume
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15139.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15139.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15139
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.4743
published_at 2026-04-01T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47462
published_at 2026-04-02T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.47483
published_at 2026-04-04T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.47432
published_at 2026-04-07T12:55:00Z
4
value 0.00242
scoring_system epss
scoring_elements 0.47487
published_at 2026-04-08T12:55:00Z
5
value 0.00242
scoring_system epss
scoring_elements 0.47484
published_at 2026-04-09T12:55:00Z
6
value 0.00242
scoring_system epss
scoring_elements 0.47506
published_at 2026-04-11T12:55:00Z
7
value 0.00242
scoring_system epss
scoring_elements 0.47481
published_at 2026-04-12T12:55:00Z
8
value 0.00242
scoring_system epss
scoring_elements 0.47488
published_at 2026-04-13T12:55:00Z
9
value 0.00242
scoring_system epss
scoring_elements 0.47548
published_at 2026-04-16T12:55:00Z
10
value 0.00242
scoring_system epss
scoring_elements 0.47541
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15139
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15139
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1599899
reference_id 1599899
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1599899
5
reference_url https://access.redhat.com/errata/RHSA-2018:3601
reference_id RHSA-2018:3601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3601
6
reference_url https://access.redhat.com/errata/RHSA-2019:0917
reference_id RHSA-2019:0917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0917
fixed_packages
0
url pkg:deb/debian/cinder@2:13.0.3-1
purl pkg:deb/debian/cinder@2:13.0.3-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7uus-f9pq-qkb5
1
vulnerability VCID-br4q-499g-vqhg
2
vulnerability VCID-h6rd-5p7q-s3gq
3
vulnerability VCID-hd9e-1msb-uqa6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:13.0.3-1
aliases CVE-2017-15139
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyak-4rzf-9fhp
6
url VCID-zy9m-d25c-5uga
vulnerability_id VCID-zy9m-d25c-5uga
summary 
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2923.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2923.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2991.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2991.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0153.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0153.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0156.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0156.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0165.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0165.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0282.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0282.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5162.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5162.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5162
reference_id
reference_type
scores
0
value 0.0359
scoring_system epss
scoring_elements 0.87769
published_at 2026-04-18T12:55:00Z
1
value 0.0359
scoring_system epss
scoring_elements 0.87701
published_at 2026-04-01T12:55:00Z
2
value 0.0359
scoring_system epss
scoring_elements 0.87712
published_at 2026-04-02T12:55:00Z
3
value 0.0359
scoring_system epss
scoring_elements 0.87723
published_at 2026-04-04T12:55:00Z
4
value 0.0359
scoring_system epss
scoring_elements 0.87725
published_at 2026-04-07T12:55:00Z
5
value 0.0359
scoring_system epss
scoring_elements 0.87746
published_at 2026-04-08T12:55:00Z
6
value 0.0359
scoring_system epss
scoring_elements 0.87752
published_at 2026-04-09T12:55:00Z
7
value 0.0359
scoring_system epss
scoring_elements 0.87763
published_at 2026-04-11T12:55:00Z
8
value 0.0359
scoring_system epss
scoring_elements 0.87757
published_at 2026-04-12T12:55:00Z
9
value 0.0359
scoring_system epss
scoring_elements 0.87756
published_at 2026-04-13T12:55:00Z
10
value 0.0359
scoring_system epss
scoring_elements 0.8777
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5162
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1268303
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1268303
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5162
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5
12
reference_url https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
13
reference_url https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397
14
reference_url https://launchpad.net/bugs/1449062
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1449062
15
reference_url http://www.openwall.com/lists/oss-security/2016/10/06/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/10/06/8
16
reference_url http://www.securityfocus.com/bid/76849
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/76849
17
reference_url https://access.redhat.com/security/cve/CVE-2015-5162
reference_id CVE-2015-5162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5162
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5162
reference_id CVE-2015-5162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5162
19
reference_url https://github.com/advisories/GHSA-g2j5-7vgx-6xrx
reference_id GHSA-g2j5-7vgx-6xrx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g2j5-7vgx-6xrx
20
reference_url https://access.redhat.com/errata/RHSA-2016:2923
reference_id RHSA-2016:2923
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2923
21
reference_url https://access.redhat.com/errata/RHSA-2016:2991
reference_id RHSA-2016:2991
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2991
22
reference_url https://access.redhat.com/errata/RHSA-2017:0153
reference_id RHSA-2017:0153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0153
23
reference_url https://access.redhat.com/errata/RHSA-2017:0156
reference_id RHSA-2017:0156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0156
24
reference_url https://access.redhat.com/errata/RHSA-2017:0165
reference_id RHSA-2017:0165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0165
25
reference_url https://access.redhat.com/errata/RHSA-2017:0282
reference_id RHSA-2017:0282
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0282
26
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/cinder@2:8.0.0-4~bpo8%2B1
purl pkg:deb/debian/cinder@2:8.0.0-4~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7uus-f9pq-qkb5
1
vulnerability VCID-br4q-499g-vqhg
2
vulnerability VCID-h6rd-5p7q-s3gq
3
vulnerability VCID-hd9e-1msb-uqa6
4
vulnerability VCID-nyak-4rzf-9fhp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:8.0.0-4~bpo8%252B1
aliases CVE-2015-5162, GHSA-g2j5-7vgx-6xrx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zy9m-d25c-5uga
Fixing_vulnerabilities
0
url VCID-ggmm-svqw-bkhv
vulnerability_id VCID-ggmm-svqw-bkhv
summary 
OpenStack Cinder file disclosure in image convert
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1206.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1206.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1851
reference_id
reference_type
scores
0
value 0.00489
scoring_system epss
scoring_elements 0.65545
published_at 2026-04-16T12:55:00Z
1
value 0.00489
scoring_system epss
scoring_elements 0.65509
published_at 2026-04-13T12:55:00Z
2
value 0.00489
scoring_system epss
scoring_elements 0.65537
published_at 2026-04-12T12:55:00Z
3
value 0.00489
scoring_system epss
scoring_elements 0.65551
published_at 2026-04-11T12:55:00Z
4
value 0.00489
scoring_system epss
scoring_elements 0.65427
published_at 2026-04-01T12:55:00Z
5
value 0.00489
scoring_system epss
scoring_elements 0.65557
published_at 2026-04-18T12:55:00Z
6
value 0.00489
scoring_system epss
scoring_elements 0.65503
published_at 2026-04-04T12:55:00Z
7
value 0.00489
scoring_system epss
scoring_elements 0.65476
published_at 2026-04-02T12:55:00Z
8
value 0.00489
scoring_system epss
scoring_elements 0.65532
published_at 2026-04-09T12:55:00Z
9
value 0.00489
scoring_system epss
scoring_elements 0.65521
published_at 2026-04-08T12:55:00Z
10
value 0.00489
scoring_system epss
scoring_elements 0.65468
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1851
4
reference_url https://bugs.launchpad.net/cinder/+bug/1415087
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/cinder/+bug/1415087
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851
6
reference_url https://github.com/openstack/cinder
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder
7
reference_url https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213
8
reference_url https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978
9
reference_url https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61
10
reference_url https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1851
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-1851
12
reference_url http://www.debian.org/security/2015/dsa-3292
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3292
13
reference_url http://www.openwall.com/lists/oss-security/2015/06/13/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/13/1
14
reference_url http://www.openwall.com/lists/oss-security/2015/06/17/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/17/2
15
reference_url http://www.openwall.com/lists/oss-security/2015/06/17/7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/17/7
16
reference_url http://www.ubuntu.com/usn/USN-2703-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2703-1
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1231817
reference_id 1231817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1231817
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996
reference_id 788996
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996
19
reference_url https://github.com/advisories/GHSA-9hcj-h2qc-689p
reference_id GHSA-9hcj-h2qc-689p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9hcj-h2qc-689p
20
reference_url https://access.redhat.com/errata/RHSA-2015:1206
reference_id RHSA-2015:1206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1206
21
reference_url https://usn.ubuntu.com/2703-1/
reference_id USN-2703-1
reference_type
scores
url https://usn.ubuntu.com/2703-1/
fixed_packages
0
url pkg:deb/debian/cinder@2014.1.3-11%2Bdeb8u1
purl pkg:deb/debian/cinder@2014.1.3-11%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7uus-f9pq-qkb5
1
vulnerability VCID-br4q-499g-vqhg
2
vulnerability VCID-ggmm-svqw-bkhv
3
vulnerability VCID-h6rd-5p7q-s3gq
4
vulnerability VCID-hd9e-1msb-uqa6
5
vulnerability VCID-nyak-4rzf-9fhp
6
vulnerability VCID-zy9m-d25c-5uga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2014.1.3-11%252Bdeb8u1
1
url pkg:deb/debian/cinder@2:8.0.0-4~bpo8%2B1
purl pkg:deb/debian/cinder@2:8.0.0-4~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7uus-f9pq-qkb5
1
vulnerability VCID-br4q-499g-vqhg
2
vulnerability VCID-h6rd-5p7q-s3gq
3
vulnerability VCID-hd9e-1msb-uqa6
4
vulnerability VCID-nyak-4rzf-9fhp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:8.0.0-4~bpo8%252B1
aliases CVE-2015-1851, GHSA-9hcj-h2qc-689p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ggmm-svqw-bkhv
Risk_score4.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2014.1.3-11%252Bdeb8u1