Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/openstack-cinder@2014.1.4-1.1?arch=el7ost

Type rpm

Namespace redhat

Name openstack-cinder

Version 2014.1.4-1.1

Qualifiers

arch	el7ost

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-ggmm-svqw-bkhv

vulnerability_id

VCID-ggmm-svqw-bkhv

summary

OpenStack Cinder file disclosure in image convert
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.

references

reference_url

http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html

reference_url

http://rhn.redhat.com/errata/RHSA-2015-1206.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-1206.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-1851

reference_id

reference_type

scores

value	0.00489
scoring_system	epss
scoring_elements	0.65557
published_at	2026-04-18T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65545
published_at	2026-04-16T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65509
published_at	2026-04-13T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65537
published_at	2026-04-12T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65476
published_at	2026-04-02T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65542
published_at	2026-04-21T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65503
published_at	2026-04-04T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65427
published_at	2026-04-01T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65551
published_at	2026-04-11T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65532
published_at	2026-04-09T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65521
published_at	2026-04-08T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65468
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-1851

reference_url

https://bugs.launchpad.net/cinder/+bug/1415087

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/cinder/+bug/1415087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851

reference_url

https://github.com/openstack/cinder

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/cinder

reference_url

https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213

reference_url

https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978

reference_url

https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61

reference_url

https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-1851

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-1851

reference_url

http://www.debian.org/security/2015/dsa-3292

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2015/dsa-3292

reference_url

http://www.openwall.com/lists/oss-security/2015/06/13/1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2015/06/13/1

reference_url

http://www.openwall.com/lists/oss-security/2015/06/17/2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2015/06/17/2

reference_url

http://www.openwall.com/lists/oss-security/2015/06/17/7

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2015/06/17/7

reference_url

http://www.ubuntu.com/usn/USN-2703-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-2703-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1231817
reference_id	1231817
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1231817

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996
reference_id	788996
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996

reference_url

https://github.com/advisories/GHSA-9hcj-h2qc-689p

reference_id

GHSA-9hcj-h2qc-689p

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9hcj-h2qc-689p

reference_url	https://access.redhat.com/errata/RHSA-2015:1206
reference_id	RHSA-2015:1206
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1206

reference_url	https://usn.ubuntu.com/2703-1/
reference_id	USN-2703-1
reference_type
scores
url	https://usn.ubuntu.com/2703-1/

fixed_packages

aliases

CVE-2015-1851, GHSA-9hcj-h2qc-689p

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ggmm-svqw-bkhv

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-cinder@2014.1.4-1.1%3Farch=el7ost

Package Instance