Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nova@2:33.0.1-2?distro=trixie
Typedeb
Namespacedebian
Namenova
Version2:33.0.1-2
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-124a-e1xg-ufhd
vulnerability_id VCID-124a-e1xg-ufhd
summary keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html
1
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2030
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10886
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2030
3
reference_url https://bugs.launchpad.net/nova/+bug/1174608
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1174608
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=958285
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=958285
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/58d6879b1caaa750c39c8e452a0634c24ffef2ce
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/58d6879b1caaa750c39c8e452a0634c24ffef2ce
7
reference_url https://github.com/openstack/nova/commit/74aa04e2ca7942cb1e1a86dcbaffeb72d260ccd7
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/74aa04e2ca7942cb1e1a86dcbaffeb72d260ccd7
8
reference_url https://github.com/openstack/nova/commit/7bf3e8d3e254d817ff5ae7ef1f2884b10410ca60
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/7bf3e8d3e254d817ff5ae7ef1f2884b10410ca60
9
reference_url https://github.com/openstack/python-keystoneclient/commit/1736e2ffb12f70eeebed019448bc14def48aa036
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/python-keystoneclient/commit/1736e2ffb12f70eeebed019448bc14def48aa036
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-45.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-45.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2030
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2030
12
reference_url http://www.openwall.com/lists/oss-security/2013/05/09/2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/05/09/2
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-2030, GHSA-pxxv-rv32-2qgv, PYSEC-2013-45
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-124a-e1xg-ufhd
1
url VCID-1t9d-4wrv-gbah
vulnerability_id VCID-1t9d-4wrv-gbah
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6491
reference_id
reference_type
scores
0
value 0.00456
scoring_system epss
scoring_elements 0.64171
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6491
1
reference_url https://usn.ubuntu.com/2208-1/
reference_id USN-2208-1
reference_type
scores
url https://usn.ubuntu.com/2208-1/
2
reference_url https://usn.ubuntu.com/2208-2/
reference_id USN-2208-2
reference_type
scores
url https://usn.ubuntu.com/2208-2/
3
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2.3-1?distro=trixie
purl pkg:deb/debian/nova@2013.2.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-6491
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1t9d-4wrv-gbah
2
url VCID-28wh-kpg5-3fe6
vulnerability_id VCID-28wh-kpg5-3fe6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4261
reference_id
reference_type
scores
0
value 0.00596
scoring_system epss
scoring_elements 0.69686
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4261
1
reference_url https://usn.ubuntu.com/2000-1/
reference_id USN-2000-1
reference_type
scores
url https://usn.ubuntu.com/2000-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2-1?distro=trixie
purl pkg:deb/debian/nova@2013.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4261
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-28wh-kpg5-3fe6
3
url VCID-2ba7-wb9n-q3d8
vulnerability_id VCID-2ba7-wb9n-q3d8
summary An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:2622
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2622
1
reference_url https://access.redhat.com/errata/RHSA-2019:2631
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2631
2
reference_url https://access.redhat.com/errata/RHSA-2019:2652
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2652
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14433
reference_id
reference_type
scores
0
value 0.01301
scoring_system epss
scoring_elements 0.80053
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14433
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/298b337a16c0d10916b4431c436d19b3d6f5360e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/298b337a16c0d10916b4431c436d19b3d6f5360e
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2019-191.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2019-191.yaml
8
reference_url https://launchpad.net/bugs/1837877
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1837877
9
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14433
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14433
11
reference_url https://security.openstack.org/ossa/OSSA-2019-003.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2019-003.html
12
reference_url https://usn.ubuntu.com/4104-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4104-1
13
reference_url https://usn.ubuntu.com/4104-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4104-1/
14
reference_url http://www.openwall.com/lists/oss-security/2019/08/06/6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/08/06/6
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934114
reference_id 934114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934114
fixed_packages
0
url pkg:deb/debian/nova@2:19.0.2-1?distro=trixie
purl pkg:deb/debian/nova@2:19.0.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:19.0.2-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2019-14433, GHSA-pg64-r7rr-phv8, PYSEC-2019-191
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ba7-wb9n-q3d8
4
url VCID-2k48-naqm-qua8
vulnerability_id VCID-2k48-naqm-qua8
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8750
reference_id
reference_type
scores
0
value 0.00929
scoring_system epss
scoring_elements 0.76427
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8750
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-8750
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2k48-naqm-qua8
5
url VCID-2n9h-y9yp-z7gn
vulnerability_id VCID-2n9h-y9yp-z7gn
summary
references
0
reference_url http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
1
reference_url http://bugs.python.org/issue17239
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.python.org/issue17239
2
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0657.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0657.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0658.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0658.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0670.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0670.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1664
reference_id
reference_type
scores
0
value 0.03938
scoring_system epss
scoring_elements 0.88535
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1664
7
reference_url https://bugs.launchpad.net/nova/+bug/1100282
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1100282
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40
10
reference_url https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1664
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1664
12
reference_url http://ubuntu.com/usn/usn-1757-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1757-1
13
reference_url http://www.openwall.com/lists/oss-security/2013/02/19/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/19/2
14
reference_url http://www.openwall.com/lists/oss-security/2013/02/19/4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/19/4
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948
reference_id 700948
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949
reference_id 700949
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700950
reference_id 700950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700950
18
reference_url https://security.gentoo.org/glsa/201311-06
reference_id GLSA-201311-06
reference_type
scores
url https://security.gentoo.org/glsa/201311-06
19
reference_url https://security.gentoo.org/glsa/201412-11
reference_id GLSA-201412-11
reference_type
scores
url https://security.gentoo.org/glsa/201412-11
20
reference_url https://usn.ubuntu.com/1730-1/
reference_id USN-1730-1
reference_type
scores
url https://usn.ubuntu.com/1730-1/
21
reference_url https://usn.ubuntu.com/1731-1/
reference_id USN-1731-1
reference_type
scores
url https://usn.ubuntu.com/1731-1/
22
reference_url https://usn.ubuntu.com/1734-1/
reference_id USN-1734-1
reference_type
scores
url https://usn.ubuntu.com/1734-1/
23
reference_url https://usn.ubuntu.com/1757-1/
reference_id USN-1757-1
reference_type
scores
url https://usn.ubuntu.com/1757-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-13?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-13?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-13%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-1664, GHSA-qrh7-x6fp-c2mp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n9h-y9yp-z7gn
6
url VCID-2q7r-cgqc-qfah
vulnerability_id VCID-2q7r-cgqc-qfah
summary 
Openstack nova qcow format could expose host filesystem information
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
references
0
reference_url http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3147
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39615
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3147
2
reference_url https://bugs.launchpad.net/nova/+bug/853330
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/853330
3
reference_url https://github.com/openstack/nova/commit/ff9d353b2f4fee469e530fbc8dc231a41f6fed84
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ff9d353b2f4fee469e530fbc8dc231a41f6fed84
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3147
reference_id CVE-2011-3147
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3147
5
reference_url https://github.com/advisories/GHSA-hqfx-4x4w-vmwp
reference_id GHSA-hqfx-4x4w-vmwp
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hqfx-4x4w-vmwp
fixed_packages
0
url pkg:deb/debian/nova@2012.1~e1-1?distro=trixie
purl pkg:deb/debian/nova@2012.1~e1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1~e1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2011-3147, GHSA-hqfx-4x4w-vmwp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2q7r-cgqc-qfah
7
url VCID-33x3-t2ck-akgg
vulnerability_id VCID-33x3-t2ck-akgg
summary
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-August/000138.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-August/000138.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-1199.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1199.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4278
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42114
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4278
3
reference_url https://bugs.launchpad.net/ossa/+bug/1212179
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1212179
4
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
5
reference_url https://github.com/openstack/nova/commit/4054cc4a22a1fea997dec76afb5646fd6c6ea6b9
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/4054cc4a22a1fea997dec76afb5646fd6c6ea6b9
6
reference_url https://github.com/openstack/nova/commit/6825959560e06725d26625fd21f5c0b78b305492
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/6825959560e06725d26625fd21f5c0b78b305492
7
reference_url https://github.com/openstack/nova/commit/8b686195afe7e6dfb46c56c1ef2fe9c993d8e495
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/8b686195afe7e6dfb46c56c1ef2fe9c993d8e495
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4278
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4278
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720602
reference_id 720602
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720602
10
reference_url https://usn.ubuntu.com/2000-1/
reference_id USN-2000-1
reference_type
scores
url https://usn.ubuntu.com/2000-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.1.3-1?distro=trixie
purl pkg:deb/debian/nova@2013.1.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.1.3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4278, GHSA-43cm-73px-5v4m
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33x3-t2ck-akgg
8
url VCID-3ekz-4ahc-5ybh
vulnerability_id VCID-3ekz-4ahc-5ybh
summary 
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-47951
reference_id
reference_type
scores
0
value 0.00615
scoring_system epss
scoring_elements 0.70229
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-47951
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://launchpad.net/bugs/1996188
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://launchpad.net/bugs/1996188
4
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html
5
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html
6
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html
7
reference_url https://security.openstack.org/ossa/OSSA-2023-002.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://security.openstack.org/ossa/OSSA-2023-002.html
8
reference_url https://www.debian.org/security/2023/dsa-5336
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5336
9
reference_url https://www.debian.org/security/2023/dsa-5337
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5337
10
reference_url https://www.debian.org/security/2023/dsa-5338
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5338
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
reference_id 1029561
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
reference_id 1029562
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
reference_id 1029563
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2161812
reference_id 2161812
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2161812
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-47951
reference_id CVE-2022-47951
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-47951
16
reference_url https://github.com/advisories/GHSA-7h75-hwxx-qpgc
reference_id GHSA-7h75-hwxx-qpgc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7h75-hwxx-qpgc
17
reference_url https://access.redhat.com/errata/RHSA-2023:1015
reference_id RHSA-2023:1015
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1015
18
reference_url https://access.redhat.com/errata/RHSA-2023:1016
reference_id RHSA-2023:1016
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1016
19
reference_url https://access.redhat.com/errata/RHSA-2023:1017
reference_id RHSA-2023:1017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1017
20
reference_url https://access.redhat.com/errata/RHSA-2023:1278
reference_id RHSA-2023:1278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1278
21
reference_url https://access.redhat.com/errata/RHSA-2023:1279
reference_id RHSA-2023:1279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1279
22
reference_url https://access.redhat.com/errata/RHSA-2023:1280
reference_id RHSA-2023:1280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1280
23
reference_url https://usn.ubuntu.com/5835-1/
reference_id USN-5835-1
reference_type
scores
url https://usn.ubuntu.com/5835-1/
24
reference_url https://usn.ubuntu.com/5835-2/
reference_id USN-5835-2
reference_type
scores
url https://usn.ubuntu.com/5835-2/
25
reference_url https://usn.ubuntu.com/5835-3/
reference_id USN-5835-3
reference_type
scores
url https://usn.ubuntu.com/5835-3/
26
reference_url https://usn.ubuntu.com/5835-4/
reference_id USN-5835-4
reference_type
scores
url https://usn.ubuntu.com/5835-4/
27
reference_url https://usn.ubuntu.com/5835-5/
reference_id USN-5835-5
reference_type
scores
url https://usn.ubuntu.com/5835-5/
28
reference_url https://usn.ubuntu.com/6882-2/
reference_id USN-6882-2
reference_type
scores
url https://usn.ubuntu.com/6882-2/
fixed_packages
0
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:26.0.0-6?distro=trixie
purl pkg:deb/debian/nova@2:26.0.0-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.0.0-6%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2022-47951, GHSA-7h75-hwxx-qpgc
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ekz-4ahc-5ybh
9
url VCID-3gk8-wbuj-xfc2
vulnerability_id VCID-3gk8-wbuj-xfc2
summary 
OpenStack Compute (nova) allows remote authenticated users to cause a denial of service
A flaw was found in the way OpenStack Compute (nova) handled the resize state. If an authenticated user deleted an instance while it was in the resize state, it could cause the original instance to not be deleted from the compute node it was running on, allowing the user to cause a denial of service.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-1898.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1898.html
1
reference_url https://access.redhat.com/errata/RHSA-2015:1898
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1898
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3280
reference_id
reference_type
scores
0
value 0.00795
scoring_system epss
scoring_elements 0.74278
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3280
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1257942
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1257942
4
reference_url https://launchpad.net/bugs/1392527
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1392527
5
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
6
reference_url https://security.openstack.org/ossa/OSSA-2015-017.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-017.html
7
reference_url https://web.archive.org/web/20200228023247/http://www.securityfocus.com/bid/76553
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228023247/http://www.securityfocus.com/bid/76553
8
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
9
reference_url http://www.securityfocus.com/bid/76553
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/76553
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798883
reference_id 798883
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798883
11
reference_url https://access.redhat.com/security/cve/CVE-2015-3280
reference_id CVE-2015-3280
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-3280
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3280
reference_id CVE-2015-3280
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3280
13
reference_url https://github.com/advisories/GHSA-mfmj-gwg3-vhw7
reference_id GHSA-mfmj-gwg3-vhw7
reference_type
scores
url https://github.com/advisories/GHSA-mfmj-gwg3-vhw7
14
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@1:12.0.0-2?distro=trixie
purl pkg:deb/debian/nova@1:12.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@1:12.0.0-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-3280, GHSA-mfmj-gwg3-vhw7
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gk8-wbuj-xfc2
10
url VCID-3qv3-8zyv-x7hv
vulnerability_id VCID-3qv3-8zyv-x7hv
summary 
OpenStack Compute (Nova) Denial of Service vulnerability
A denial of service flaw was found in the way OpenStack Compute (nova) looked up VM instances based on an IP address filter. An attacker with sufficient privileges on an OpenStack installation with a large amount of VMs could use this flaw to cause the main nova process to block for an extended amount of time.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0843.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0843.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0844.html
3
reference_url https://access.redhat.com/errata/RHSA-2015:0843
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0843
4
reference_url https://access.redhat.com/errata/RHSA-2015:0844
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0844
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3708
reference_id
reference_type
scores
0
value 0.01057
scoring_system epss
scoring_elements 0.77908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3708
6
reference_url https://bugs.launchpad.net/nova/+bug/1358583
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1358583
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1154951
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1154951
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
10
reference_url https://web.archive.org/web/20200901000000*/http://www.securityfocus.com/bid/70777
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200901000000*/http://www.securityfocus.com/bid/70777
11
reference_url http://www.securityfocus.com/bid/70777
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/70777
12
reference_url https://access.redhat.com/security/cve/CVE-2014-3708
reference_id CVE-2014-3708
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3708
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3708
reference_id CVE-2014-3708
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3708
14
reference_url https://github.com/advisories/GHSA-43hc-pwvx-pmfg
reference_id GHSA-43hc-pwvx-pmfg
reference_type
scores
url https://github.com/advisories/GHSA-43hc-pwvx-pmfg
fixed_packages
0
url pkg:deb/debian/nova@2014.1.3-6?distro=trixie
purl pkg:deb/debian/nova@2014.1.3-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.3-6%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-3708, GHSA-43hc-pwvx-pmfg
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3qv3-8zyv-x7hv
11
url VCID-4c5h-6xyp-hudd
vulnerability_id VCID-4c5h-6xyp-hudd
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4497
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43384
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4497
1
reference_url https://bugs.launchpad.net/nova/+bug/1073306
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1073306
2
reference_url https://bugs.launchpad.net/nova/+bug/1202266
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1202266
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/01de658210fd65171bfbf5450c93673b5ce0bd9e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/01de658210fd65171bfbf5450c93673b5ce0bd9e
5
reference_url https://github.com/openstack/nova/commit/5cced7a6dd32d231c606e25dbf762d199bf9cca7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/5cced7a6dd32d231c606e25dbf762d199bf9cca7
6
reference_url https://github.com/openstack/nova/commit/ba0d007fb78bd1182c3c0b808dbd7ccc84640e80
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ba0d007fb78bd1182c3c0b808dbd7ccc84640e80
7
reference_url https://github.com/openstack/nova/commit/df2ea2e3acdede21b40d47b7adbeac04213d031b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/df2ea2e3acdede21b40d47b7adbeac04213d031b
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4497
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4497
9
reference_url http://www.openwall.com/lists/oss-security/2013/11/03/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/11/03/2
10
reference_url http://www.openwall.com/lists/oss-security/2013/11/03/3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/11/03/3
fixed_packages
0
url pkg:deb/debian/nova@2013.2-1?distro=trixie
purl pkg:deb/debian/nova@2013.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4497, GHSA-27q4-38qf-m25h
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4c5h-6xyp-hudd
12
url VCID-57ta-3qn2-nugb
vulnerability_id VCID-57ta-3qn2-nugb
summary 
OpenStack Nova Denial of service attack on the compute host
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.
references
0
reference_url http://openwall.com/lists/oss-security/2018/04/20/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2018/04/20/3
1
reference_url https://access.redhat.com/errata/RHSA-2018:2332
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2332
2
reference_url https://access.redhat.com/errata/RHSA-2018:2714
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2714
3
reference_url https://access.redhat.com/errata/RHSA-2018:2855
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2855
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18191
reference_id
reference_type
scores
0
value 0.02481
scoring_system epss
scoring_elements 0.85543
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18191
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
7
reference_url https://github.com/openstack/nova/commit/0225a61fc4557c1257383a654f0741f7ef2ddeac
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/0225a61fc4557c1257383a654f0741f7ef2ddeac
8
reference_url https://github.com/openstack/nova/commit/5b64a1936122eeb35f37a09f9d38159e1a224c58
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/5b64a1936122eeb35f37a09f9d38159e1a224c58
9
reference_url https://github.com/openstack/nova/commit/cd3eb60c2c00bcccfa9ccd4bf9d1a96ae7a5cd88
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/cd3eb60c2c00bcccfa9ccd4bf9d1a96ae7a5cd88
10
reference_url https://launchpad.net/bugs/1739593
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1739593
11
reference_url https://review.openstack.org/539893
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/539893
12
reference_url https://security.openstack.org/ossa/OSSA-2018-001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2018-001.html
13
reference_url http://www.securityfocus.com/bid/103104
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103104
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-18191
reference_id CVE-2017-18191
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-18191
15
reference_url https://github.com/advisories/GHSA-ffmh-r67w-m88f
reference_id GHSA-ffmh-r67w-m88f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ffmh-r67w-m88f
16
reference_url https://usn.ubuntu.com/5866-1/
reference_id USN-5866-1
reference_type
scores
url https://usn.ubuntu.com/5866-1/
fixed_packages
0
url pkg:deb/debian/nova@2:17.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:17.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:17.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2017-18191, GHSA-ffmh-r67w-m88f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57ta-3qn2-nugb
13
url VCID-5p29-z3wj-5keu
vulnerability_id VCID-5p29-z3wj-5keu
summary 
Insufficient Verification of Data Authenticity
It was discovered that the OpenStack Compute (nova) console websocket does not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0790.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0790.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0843.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0843.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0844.html
4
reference_url https://access.redhat.com/errata/RHSA-2015:0790
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0790
5
reference_url https://access.redhat.com/errata/RHSA-2015:0843
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0843
6
reference_url https://access.redhat.com/errata/RHSA-2015:0844
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0844
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0259
reference_id
reference_type
scores
0
value 0.00205
scoring_system epss
scoring_elements 0.42583
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0259
8
reference_url https://bugs.launchpad.net/nova/+bug/1409142
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1409142
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1190112
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1190112
10
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780250
reference_id 780250
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780250
12
reference_url https://access.redhat.com/security/cve/CVE-2015-0259
reference_id CVE-2015-0259
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-0259
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0259
reference_id CVE-2015-0259
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0259
14
reference_url https://github.com/advisories/GHSA-x8xr-rm9r-7mvf
reference_id GHSA-x8xr-rm9r-7mvf
reference_type
scores
url https://github.com/advisories/GHSA-x8xr-rm9r-7mvf
fixed_packages
0
url pkg:deb/debian/nova@2014.1.3-11?distro=trixie
purl pkg:deb/debian/nova@2014.1.3-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.3-11%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-0259, GHSA-x8xr-rm9r-7mvf
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5p29-z3wj-5keu
14
url VCID-5sbw-2suq-5qby
vulnerability_id VCID-5sbw-2suq-5qby
summary 
OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
CVE-2013-2256 OpenStack: Nova private flavors resource limit circumvention
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1199.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1199.html
1
reference_url https://access.redhat.com/errata/RHSA-2013:1199
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:1199
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2256
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64994
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2256
3
reference_url https://bugs.launchpad.net/nova/+bug/1194093
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1194093
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=993340
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=993340
5
reference_url http://seclists.org/oss-sec/2013/q3/281
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/281
6
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718905
reference_id 718905
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718905
8
reference_url https://access.redhat.com/security/cve/CVE-2013-2256
reference_id CVE-2013-2256
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-2256
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2256
reference_id CVE-2013-2256
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2256
10
reference_url https://github.com/advisories/GHSA-5mj6-643f-2g85
reference_id GHSA-5mj6-643f-2g85
reference_type
scores
url https://github.com/advisories/GHSA-5mj6-643f-2g85
11
reference_url https://usn.ubuntu.com/2000-1/
reference_id USN-2000-1
reference_type
scores
url https://usn.ubuntu.com/2000-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.1.2-3?distro=trixie
purl pkg:deb/debian/nova@2013.1.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.1.2-3%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-2256, GHSA-5mj6-643f-2g85
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5sbw-2suq-5qby
15
url VCID-5wph-frx5-3qhe
vulnerability_id VCID-5wph-frx5-3qhe
summary 
OpenStack Nova Potential Xen connection password leak via StorageError
The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8749
reference_id
reference_type
scores
0
value 0.00942
scoring_system epss
scoring_elements 0.76587
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8749
1
reference_url https://bugs.launchpad.net/nova/+bug/1516765
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1516765
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/8b289237ed6d53738c22878decf0c429301cf3d0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/8b289237ed6d53738c22878decf0c429301cf3d0
5
reference_url https://github.com/openstack/nova/commit/b2acc9fa864b6fe10bc0c5f3786b976b472b1b27
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b2acc9fa864b6fe10bc0c5f3786b976b472b1b27
6
reference_url https://github.com/openstack/nova/commit/cf197ec2d682fb4da777df2291ca7ef101f73b77
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/cf197ec2d682fb4da777df2291ca7ef101f73b77
7
reference_url https://github.com/openstack/nova/commit/ef1ccdaca9512b88878155f7d8c2c77853d91252
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ef1ccdaca9512b88878155f7d8c2c77853d91252
8
reference_url https://security.openstack.org/ossa/OSSA-2016-002.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-002.html
9
reference_url http://www.openwall.com/lists/oss-security/2016/01/07/8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/07/8
10
reference_url http://www.openwall.com/lists/oss-security/2016/01/07/9
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/07/9
11
reference_url http://www.securityfocus.com/bid/80189
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/80189
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8749
reference_id CVE-2015-8749
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8749
13
reference_url https://github.com/advisories/GHSA-c36r-g737-9qp8
reference_id GHSA-c36r-g737-9qp8
reference_type
scores
url https://github.com/advisories/GHSA-c36r-g737-9qp8
14
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@2:13.0.0~rc3-1?distro=trixie
purl pkg:deb/debian/nova@2:13.0.0~rc3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:13.0.0~rc3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-8749, GHSA-c36r-g737-9qp8
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5wph-frx5-3qhe
16
url VCID-6ggp-ycpv-7kft
vulnerability_id VCID-6ggp-ycpv-7kft
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2014:1084
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1084
1
reference_url https://access.redhat.com/security/cve/CVE-2014-0167
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-0167
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0167
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.59913
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0167
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1084868
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1084868
4
reference_url https://launchpad.net/bugs/1290537
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1290537
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0167
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0167
6
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
7
reference_url http://www.openwall.com/lists/oss-security/2014/04/09/26
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/04/09/26
8
reference_url http://www.ubuntu.com/usn/USN-2247-1
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2247-1
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744051
reference_id 744051
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744051
10
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2.3-1?distro=trixie
purl pkg:deb/debian/nova@2013.2.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-0167, GHSA-p258-xmh3-72pv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ggp-ycpv-7kft
17
url VCID-6msd-bxpc-kqbx
vulnerability_id VCID-6msd-bxpc-kqbx
summary 
OpenStack Nova host data access through resize/migration
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:0363
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0363
1
reference_url https://access.redhat.com/errata/RHSA-2016:0364
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0364
2
reference_url https://access.redhat.com/errata/RHSA-2016:0365
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0365
3
reference_url https://access.redhat.com/errata/RHSA-2016:0366
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0366
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2140
reference_id
reference_type
scores
0
value 0.00339
scoring_system epss
scoring_elements 0.56905
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2140
5
reference_url https://bugs.launchpad.net/nova/+bug/1548450
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1548450
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1313454
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1313454
7
reference_url http://seclists.org/oss-sec/2016/q1/563
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2016/q1/563
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
10
reference_url https://github.com/openstack/nova/commit/0b194187db9da28225cb5e62be3b45aff5a1c793
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/0b194187db9da28225cb5e62be3b45aff5a1c793
11
reference_url https://github.com/openstack/nova/commit/116b1210ab772c55d1ed1f715687d83877c92701
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/116b1210ab772c55d1ed1f715687d83877c92701
12
reference_url https://github.com/openstack/nova/commit/f302bf04ab5dda89cf8ceaeed309006da90c0666
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/f302bf04ab5dda89cf8ceaeed309006da90c0666
13
reference_url https://security.openstack.org/ossa/OSSA-2016-007.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-007.html
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/08/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/08/6
15
reference_url http://www.securityfocus.com/bid/84277
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/84277
16
reference_url https://access.redhat.com/security/cve/CVE-2016-2140
reference_id CVE-2016-2140
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2016-2140
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2140
reference_id CVE-2016-2140
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2140
18
reference_url https://github.com/advisories/GHSA-49jv-37hm-6gfp
reference_id GHSA-49jv-37hm-6gfp
reference_type
scores
url https://github.com/advisories/GHSA-49jv-37hm-6gfp
19
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2016-2140, GHSA-49jv-37hm-6gfp
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6msd-bxpc-kqbx
18
url VCID-7uh3-vxfa-pbdb
vulnerability_id VCID-7uh3-vxfa-pbdb
summary 
OpenStack Nova instance migration process does not stop when instance is deleted
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-1723.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1723.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1898.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1898.html
2
reference_url https://access.redhat.com/errata/RHSA-2015:1723
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1723
3
reference_url https://access.redhat.com/errata/RHSA-2015:1898
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1898
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3241
reference_id
reference_type
scores
0
value 0.0197
scoring_system epss
scoring_elements 0.83833
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3241
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1232782
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1232782
6
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
7
reference_url https://github.com/openstack/nova/commit/7ab75d5b0b75fc3426323bef19bf436a258b9707
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/7ab75d5b0b75fc3426323bef19bf436a258b9707
8
reference_url https://github.com/openstack/nova/commit/b5020a047fc487f35b76fc05f31e52665a1afda1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b5020a047fc487f35b76fc05f31e52665a1afda1
9
reference_url https://github.com/openstack/nova/commit/bf23643e36c8764b4bd532546a2cc04385fe0cff
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/bf23643e36c8764b4bd532546a2cc04385fe0cff
10
reference_url https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml
11
reference_url https://launchpad.net/bugs/1387543
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1387543
12
reference_url https://security.openstack.org/ossa/OSSA-2015-015.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-015.html
13
reference_url http://www.securityfocus.com/bid/75372
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/75372
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796109
reference_id 796109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796109
15
reference_url https://access.redhat.com/security/cve/CVE-2015-3241
reference_id CVE-2015-3241
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-3241
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3241
reference_id CVE-2015-3241
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3241
17
reference_url https://github.com/advisories/GHSA-3vx7-xff6-h2vx
reference_id GHSA-3vx7-xff6-h2vx
reference_type
scores
url https://github.com/advisories/GHSA-3vx7-xff6-h2vx
18
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@1:12.0.0-2?distro=trixie
purl pkg:deb/debian/nova@1:12.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@1:12.0.0-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-3241, GHSA-3vx7-xff6-h2vx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7uh3-vxfa-pbdb
19
url VCID-8c3s-u7sb-g7dp
vulnerability_id VCID-8c3s-u7sb-g7dp
summary OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.
references
0
reference_url http://osvdb.org/91303
reference_id
reference_type
scores
url http://osvdb.org/91303
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0709.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0709.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1838
reference_id
reference_type
scores
0
value 0.01427
scoring_system epss
scoring_elements 0.80943
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1838
3
reference_url https://bugs.launchpad.net/nova/+bug/1125468
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1125468
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=919648
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=919648
5
reference_url http://secunia.com/advisories/52580
reference_id
reference_type
scores
url http://secunia.com/advisories/52580
6
reference_url http://secunia.com/advisories/52728
reference_id
reference_type
scores
url http://secunia.com/advisories/52728
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/82877
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/82877
8
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
9
reference_url https://github.com/openstack/nova/commit/9561484166f245d0e4602a36351d6cac72dd9426
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/9561484166f245d0e4602a36351d6cac72dd9426
10
reference_url https://github.com/openstack/nova/commit/99429214d4ddb5bdc7de185693b8a53ad50df3c6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/99429214d4ddb5bdc7de185693b8a53ad50df3c6
11
reference_url https://github.com/openstack/nova/commit/efaacdaee116388234558e2682b647d41fe5b149
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/efaacdaee116388234558e2682b647d41fe5b149
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-44.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-44.yaml
13
reference_url https://lists.launchpad.net/openstack/msg21892.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg21892.html
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1838
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1838
15
reference_url https://review.openstack.org/#/c/24451
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/24451
16
reference_url https://review.openstack.org/#/c/24451/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/24451/
17
reference_url https://review.openstack.org/#/c/24452
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/24452
18
reference_url https://review.openstack.org/#/c/24452/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/24452/
19
reference_url https://review.openstack.org/#/c/24453
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/24453
20
reference_url https://review.openstack.org/#/c/24453/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/24453/
21
reference_url http://ubuntu.com/usn/usn-1771-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1771-1
22
reference_url http://www.openwall.com/lists/oss-security/2013/03/14/18
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/03/14/18
23
reference_url http://www.securityfocus.com/bid/58492
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/58492
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703064
reference_id 703064
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703064
25
reference_url https://usn.ubuntu.com/1771-1/
reference_id USN-1771-1
reference_type
scores
url https://usn.ubuntu.com/1771-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-15?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-15?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-15%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-1838, GHSA-63fq-8fp9-vhwq, PYSEC-2013-44
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c3s-u7sb-g7dp
20
url VCID-8dpx-f6fd-x7a8
vulnerability_id VCID-8dpx-f6fd-x7a8
summary 
OpenStack Nova denial of service through compressed disk images
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image.  NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
references
0
reference_url http://github.com/openstack/nova/commit/3cdfe894ab58f7b91bf7fb690fc5bc724e44066f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/3cdfe894ab58f7b91bf7fb690fc5bc724e44066f
1
reference_url http://github.com/openstack/nova/commit/f6810be4ae1a6c93e7d8017ee67d5344dfdf4a30
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/f6810be4ae1a6c93e7d8017ee67d5344dfdf4a30
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0112.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0112.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4463
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.35957
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4463
4
reference_url https://bugs.launchpad.net/nova/+bug/1206081
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1206081
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url http://www.openwall.com/lists/oss-security/2013/10/31/3
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/10/31/3
7
reference_url http://www.ubuntu.com/usn/USN-2247-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2247-1
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728605
reference_id 728605
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728605
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4463
reference_id CVE-2013-4463
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4463
10
reference_url https://github.com/advisories/GHSA-5644-2v3h-5w4x
reference_id GHSA-5644-2v3h-5w4x
reference_type
scores
url https://github.com/advisories/GHSA-5644-2v3h-5w4x
11
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2-3?distro=trixie
purl pkg:deb/debian/nova@2013.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2-3%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4463, GHSA-5644-2v3h-5w4x
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8dpx-f6fd-x7a8
21
url VCID-ajec-k7qb-6yek
vulnerability_id VCID-ajec-k7qb-6yek
summary 
URL Redirection to Untrusted Site ('Open Redirect')
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3654
reference_id
reference_type
scores
0
value 0.87177
scoring_system epss
scoring_elements 0.99462
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3654
1
reference_url https://bugs.launchpad.net/nova/+bug/1927677
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1927677
2
reference_url https://bugs.python.org/issue32084
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.python.org/issue32084
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1961439
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1961439
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
6
reference_url https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66
7
reference_url https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb
8
reference_url https://security.gentoo.org/glsa/202305-02
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202305-02
9
reference_url https://security.openstack.org/ossa/OSSA-2021-002.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-002.html
10
reference_url https://www.openwall.com/lists/oss-security/2021/07/29/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2021/07/29/2
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991441
reference_id 991441
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991441
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3654
reference_id CVE-2021-3654
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3654
13
reference_url https://github.com/advisories/GHSA-vqp6-j452-j6wp
reference_id GHSA-vqp6-j452-j6wp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqp6-j452-j6wp
14
reference_url https://usn.ubuntu.com/5866-1/
reference_id USN-5866-1
reference_type
scores
url https://usn.ubuntu.com/5866-1/
fixed_packages
0
url pkg:deb/debian/nova@2:23.0.2-3?distro=trixie
purl pkg:deb/debian/nova@2:23.0.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:23.0.2-3%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2021-3654, GHSA-vqp6-j452-j6wp
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajec-k7qb-6yek
22
url VCID-b8cd-srsc-1kdk
vulnerability_id VCID-b8cd-srsc-1kdk
summary The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0134
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42114
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0134
1
reference_url https://bugs.launchpad.net/nova/+bug/1221190
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1221190
2
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
3
reference_url https://github.com/openstack/nova/commit/25e761acd56d4c820273fc0245ada06c500c1637
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/25e761acd56d4c820273fc0245ada06c500c1637
4
reference_url https://github.com/openstack/nova/commit/d416f4310bb946b4b127201ec3c37e530d988714
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/d416f4310bb946b4b127201ec3c37e530d988714
5
reference_url https://github.com/openstack/nova/commit/dc8de426066969a3f0624fdc2a7b29371a2d55bf
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/dc8de426066969a3f0624fdc2a7b29371a2d55bf
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-112.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-112.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0134
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0134
8
reference_url http://www.openwall.com/lists/oss-security/2014/03/27/6
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/03/27/6
9
reference_url http://www.ubuntu.com/usn/USN-2247-1
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2247-1
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742712
reference_id 742712
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742712
11
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2.2-4?distro=trixie
purl pkg:deb/debian/nova@2013.2.2-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2-4%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-0134, GHSA-w429-xc55-hc48, PYSEC-2014-112
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8cd-srsc-1kdk
23
url VCID-c5s5-rn36-1qh6
vulnerability_id VCID-c5s5-rn36-1qh6
summary OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2687
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16339
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2687
1
reference_url https://bugs.launchpad.net/nova/+bug/1419577
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1419577
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1205313
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1205313
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/b83cae02ece4c338e09c3606c6ae69b715bd6f8c
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b83cae02ece4c338e09c3606c6ae69b715bd6f8c
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2017-145.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2017-145.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-2687
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-2687
7
reference_url https://review.openstack.org/#/c/338929
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/338929
8
reference_url https://review.openstack.org/#/c/338929/
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://review.openstack.org/#/c/338929/
9
reference_url http://www.openwall.com/lists/oss-security/2015/03/24/10
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/03/24/10
10
reference_url http://www.openwall.com/lists/oss-security/2015/03/25/3
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/03/25/3
11
reference_url http://www.securityfocus.com/bid/77505
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url http://www.securityfocus.com/bid/77505
fixed_packages
0
url pkg:deb/debian/nova@2014.1-1?distro=trixie
purl pkg:deb/debian/nova@2014.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-2687, GHSA-97fv-22hc-mrgj, PYSEC-2017-145
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5s5-rn36-1qh6
24
url VCID-cj8k-ufmj-kqe2
vulnerability_id VCID-cj8k-ufmj-kqe2
summary 
OpenStack Nova live snapshots use an insecure local directory
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0231.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0231.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7048
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32439
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7048
2
reference_url https://bugs.launchpad.net/nova/+bug/1227027
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1227027
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/75be5abd6b3fa0f7f27fe9c805f832cd41d44a5d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/75be5abd6b3fa0f7f27fe9c805f832cd41d44a5d
5
reference_url https://github.com/openstack/nova/commit/8a34fc3d48c467aa196f65eed444ccdc7c02f19f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/8a34fc3d48c467aa196f65eed444ccdc7c02f19f
6
reference_url https://github.com/openstack/nova/commit/9bd7fff8c0160057643cfc37c5e2b1cd3337d6aa
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/9bd7fff8c0160057643cfc37c5e2b1cd3337d6aa
7
reference_url http://www.openwall.com/lists/oss-security/2014/01/13/2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/01/13/2
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732022
reference_id 732022
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732022
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7048
reference_id CVE-2013-7048
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7048
10
reference_url https://github.com/advisories/GHSA-grp5-h379-j75x
reference_id GHSA-grp5-h379-j75x
reference_type
scores
url https://github.com/advisories/GHSA-grp5-h379-j75x
fixed_packages
0
url pkg:deb/debian/nova@2013.2.2?distro=trixie
purl pkg:deb/debian/nova@2013.2.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-7048, GHSA-grp5-h379-j75x
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cj8k-ufmj-kqe2
25
url VCID-db3a-7hcs-syc6
vulnerability_id VCID-db3a-7hcs-syc6
summary 
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2923.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2923.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2991.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2991.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0153.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0153.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0156.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0156.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0165.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0165.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0282.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0282.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5162
reference_id
reference_type
scores
0
value 0.0361
scoring_system epss
scoring_elements 0.87984
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5162
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1268303
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1268303
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5
10
reference_url https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
11
reference_url https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397
12
reference_url https://launchpad.net/bugs/1449062
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1449062
13
reference_url http://www.openwall.com/lists/oss-security/2016/10/06/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/10/06/8
14
reference_url http://www.securityfocus.com/bid/76849
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/76849
15
reference_url https://access.redhat.com/security/cve/CVE-2015-5162
reference_id CVE-2015-5162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5162
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5162
reference_id CVE-2015-5162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5162
17
reference_url https://github.com/advisories/GHSA-g2j5-7vgx-6xrx
reference_id GHSA-g2j5-7vgx-6xrx
reference_type
scores
url https://github.com/advisories/GHSA-g2j5-7vgx-6xrx
18
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-5162, GHSA-g2j5-7vgx-6xrx
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-db3a-7hcs-syc6
26
url VCID-dftj-xuud-b3cx
vulnerability_id VCID-dftj-xuud-b3cx
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0208
reference_id
reference_type
scores
0
value 0.00953
scoring_system epss
scoring_elements 0.76709
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0208
1
reference_url https://usn.ubuntu.com/1709-1/
reference_id USN-1709-1
reference_type
scores
url https://usn.ubuntu.com/1709-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-12?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-12?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-12%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-0208
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dftj-xuud-b3cx
27
url VCID-dznm-cs7e-53g3
vulnerability_id VCID-dznm-cs7e-53g3
summary The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2573
reference_id
reference_type
scores
0
value 0.00106
scoring_system epss
scoring_elements 0.28313
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2573
1
reference_url https://bugs.launchpad.net/nova/+bug/1269418
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1269418
2
reference_url http://secunia.com/advisories/57498
reference_id
reference_type
scores
url http://secunia.com/advisories/57498
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/b3cc3f62a60662e5bb82136c0cfa464592a6afe9
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b3cc3f62a60662e5bb82136c0cfa464592a6afe9
5
reference_url https://github.com/openstack/nova/commit/efb66531bc37ee416778a70d46c657608ca767af
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/efb66531bc37ee416778a70d46c657608ca767af
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-113.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-113.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2573
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2573
8
reference_url http://www.openwall.com/lists/oss-security/2014/03/21/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/03/21/1
9
reference_url http://www.openwall.com/lists/oss-security/2014/03/21/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/03/21/2
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750144
reference_id 750144
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750144
fixed_packages
0
url pkg:deb/debian/nova@2014.1-9?distro=trixie
purl pkg:deb/debian/nova@2014.1-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1-9%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-2573, GHSA-jv34-xvjq-ppch, PYSEC-2014-113
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dznm-cs7e-53g3
28
url VCID-eat8-r11q-m3eg
vulnerability_id VCID-eat8-r11q-m3eg
summary 
OpenStack Compute (Nova) allows remote attackers to bypass intended restriction
A vulnerability was discovered in the way OpenStack Compute (nova) networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-2684.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-2684.html
1
reference_url https://access.redhat.com/errata/RHSA-2015:2673
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:2673
2
reference_url https://access.redhat.com/errata/RHSA-2015:2684
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:2684
3
reference_url https://access.redhat.com/errata/RHSA-2016:0013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0013
4
reference_url https://access.redhat.com/errata/RHSA-2016:0017
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0017
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7713
reference_id
reference_type
scores
0
value 0.01522
scoring_system epss
scoring_elements 0.81565
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7713
6
reference_url https://bugs.launchpad.net/nova/+bug/1491307
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1491307
7
reference_url https://bugs.launchpad.net/nova/+bug/1492961
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1492961
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1269119
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1269119
9
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
10
reference_url https://security.openstack.org/ossa/OSSA-2015-021.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-021.html
11
reference_url https://web.archive.org/web/20200228024902/http://www.securityfocus.com/bid/76960
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228024902/http://www.securityfocus.com/bid/76960
12
reference_url http://www.securityfocus.com/bid/76960
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/76960
13
reference_url https://access.redhat.com/security/cve/CVE-2015-7713
reference_id CVE-2015-7713
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-7713
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7713
reference_id CVE-2015-7713
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7713
15
reference_url https://github.com/advisories/GHSA-67rh-9p29-vrxr
reference_id GHSA-67rh-9p29-vrxr
reference_type
scores
url https://github.com/advisories/GHSA-67rh-9p29-vrxr
16
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@1:12.0.0-2?distro=trixie
purl pkg:deb/debian/nova@1:12.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@1:12.0.0-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-7713, GHSA-67rh-9p29-vrxr
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eat8-r11q-m3eg
29
url VCID-ef5k-jqxk-ukag
vulnerability_id VCID-ef5k-jqxk-ukag
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32498
reference_id
reference_type
scores
0
value 0.00214
scoring_system epss
scoring_elements 0.43956
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32498
2
reference_url https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e
3
reference_url https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40
4
reference_url https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9
5
reference_url https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175
6
reference_url https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973
7
reference_url https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f
8
reference_url https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df
9
reference_url https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927
10
reference_url https://launchpad.net/bugs/2059809
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://launchpad.net/bugs/2059809
11
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html
12
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
13
reference_url https://security.openstack.org/ossa/OSSA-2024-001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://security.openstack.org/ossa/OSSA-2024-001.html
14
reference_url https://www.openwall.com/lists/oss-security/2024/07/02/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://www.openwall.com/lists/oss-security/2024/07/02/2
15
reference_url http://www.openwall.com/lists/oss-security/2024/07/02/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url http://www.openwall.com/lists/oss-security/2024/07/02/2
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761
reference_id 1074761
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762
reference_id 1074762
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763
reference_id 1074763
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2278663
reference_id 2278663
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2278663
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32498
reference_id CVE-2024-32498
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32498
21
reference_url https://github.com/advisories/GHSA-r4v4-w9pv-6fph
reference_id GHSA-r4v4-w9pv-6fph
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r4v4-w9pv-6fph
22
reference_url https://access.redhat.com/errata/RHSA-2024:4272
reference_id RHSA-2024:4272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4272
23
reference_url https://access.redhat.com/errata/RHSA-2024:4273
reference_id RHSA-2024:4273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4273
24
reference_url https://access.redhat.com/errata/RHSA-2024:4274
reference_id RHSA-2024:4274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4274
25
reference_url https://access.redhat.com/errata/RHSA-2024:4425
reference_id RHSA-2024:4425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4425
26
reference_url https://usn.ubuntu.com/6882-1/
reference_id USN-6882-1
reference_type
scores
url https://usn.ubuntu.com/6882-1/
27
reference_url https://usn.ubuntu.com/6882-2/
reference_id USN-6882-2
reference_type
scores
url https://usn.ubuntu.com/6882-2/
28
reference_url https://usn.ubuntu.com/6883-1/
reference_id USN-6883-1
reference_type
scores
url https://usn.ubuntu.com/6883-1/
29
reference_url https://usn.ubuntu.com/6884-1/
reference_id USN-6884-1
reference_type
scores
url https://usn.ubuntu.com/6884-1/
30
reference_url https://usn.ubuntu.com/8199-1/
reference_id USN-8199-1
reference_type
scores
url https://usn.ubuntu.com/8199-1/
fixed_packages
0
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.4.0-1~deb11u5?distro=trixie
purl pkg:deb/debian/nova@2:22.4.0-1~deb11u5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.4.0-1~deb11u5%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:29.0.2-4?distro=trixie
purl pkg:deb/debian/nova@2:29.0.2-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:29.0.2-4%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
6
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2024-32498, GHSA-r4v4-w9pv-6fph
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ef5k-jqxk-ukag
30
url VCID-ewru-8cxk-mycm
vulnerability_id VCID-ewru-8cxk-mycm
summary 
OpenStack Nova Exposure of Sensitive Information to an Unauthorized Actor
OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4076
reference_id
reference_type
scores
0
value 0.00408
scoring_system epss
scoring_elements 0.61496
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4076
1
reference_url https://bugs.launchpad.net/nova/+bug/868360
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/868360
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076
3
reference_url https://github.com/openstack/nova/commit/b1ab6da1495784ff581000018a6047fd19cf82c4
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b1ab6da1495784ff581000018a6047fd19cf82c4
4
reference_url https://github.com/openstack/nova/commit/beee11edbfdd82cd81bc9c0fd75912c167892c2b
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/beee11edbfdd82cd81bc9c0fd75912c167892c2b
5
reference_url https://www.openwall.com/lists/oss-security/2011/10/25/4
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2011/10/25/4
6
reference_url https://access.redhat.com/security/cve/cve-2011-4076
reference_id CVE-2011-4076
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2011-4076
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4076
reference_id CVE-2011-4076
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4076
8
reference_url https://security-tracker.debian.org/tracker/CVE-2011-4076
reference_id CVE-2011-4076
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2011-4076
9
reference_url https://github.com/advisories/GHSA-vcmv-6rxx-fh7r
reference_id GHSA-vcmv-6rxx-fh7r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vcmv-6rxx-fh7r
fixed_packages
0
url pkg:deb/debian/nova@2012.1~e1-1?distro=trixie
purl pkg:deb/debian/nova@2012.1~e1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1~e1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2011-4076, GHSA-vcmv-6rxx-fh7r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewru-8cxk-mycm
31
url VCID-fbkc-wgdn-tfhw
vulnerability_id VCID-fbkc-wgdn-tfhw
summary Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2101
reference_id
reference_type
scores
0
value 0.00885
scoring_system epss
scoring_elements 0.75774
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2101
3
reference_url https://bugs.launchpad.net/nova/+bug/969545
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/969545
4
reference_url http://secunia.com/advisories/49034
reference_id
reference_type
scores
url http://secunia.com/advisories/49034
5
reference_url http://secunia.com/advisories/49048
reference_id
reference_type
scores
url http://secunia.com/advisories/49048
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/75243
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/75243
7
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
8
reference_url https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7
9
reference_url https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb
10
reference_url https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-36.yaml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-36.yaml
12
reference_url https://lists.launchpad.net/openstack/msg10268.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg10268.html
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2101
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2101
14
reference_url http://ubuntu.com/usn/usn-1438-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1438-1
15
reference_url http://www.osvdb.org/81641
reference_id
reference_type
scores
url http://www.osvdb.org/81641
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670637
reference_id 670637
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670637
17
reference_url https://usn.ubuntu.com/1438-1/
reference_id USN-1438-1
reference_type
scores
url https://usn.ubuntu.com/1438-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1-2?distro=trixie
purl pkg:deb/debian/nova@2012.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-2101, GHSA-hq3f-9gf7-73r8, PYSEC-2012-36
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fbkc-wgdn-tfhw
32
url VCID-fcgm-31hu-83gj
vulnerability_id VCID-fcgm-31hu-83gj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1068
reference_id
reference_type
scores
0
value 0.00222
scoring_system epss
scoring_elements 0.44821
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1068
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753579
reference_id 753579
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753579
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753585
reference_id 753585
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753585
3
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
4
reference_url https://usn.ubuntu.com/2248-1/
reference_id USN-2248-1
reference_type
scores
url https://usn.ubuntu.com/2248-1/
fixed_packages
0
url pkg:deb/debian/nova@2014.1.1-4?distro=trixie
purl pkg:deb/debian/nova@2014.1.1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.1-4%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-1068
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcgm-31hu-83gj
33
url VCID-fpvj-5qws-tydy
vulnerability_id VCID-fpvj-5qws-tydy
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37394
reference_id
reference_type
scores
0
value 0.00266
scoring_system epss
scoring_elements 0.50302
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37394
1
reference_url https://bugs.launchpad.net/ossa/+bug/1981813
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1981813
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/0c87681135cfb3ce61d2a0392928c1dbc1fe5fde
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/0c87681135cfb3ce61d2a0392928c1dbc1fe5fde
5
reference_url https://github.com/openstack/nova/commit/1a98a1a650d065a8ab3e1c474f3b9fd537dc2206
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/1a98a1a650d065a8ab3e1c474f3b9fd537dc2206
6
reference_url https://github.com/openstack/nova/commit/4954f993680c75fd9d3d507f2dcd00300c9b3d44
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/4954f993680c75fd9d3d507f2dcd00300c9b3d44
7
reference_url https://github.com/openstack/nova/commit/a28c82719545d5c8ee7f3ff1361b3a796e05095a
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/a28c82719545d5c8ee7f3ff1361b3a796e05095a
8
reference_url https://github.com/openstack/nova/commit/e43bf900dc8ca66578603bed333c56b215b1876e
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/e43bf900dc8ca66578603bed333c56b215b1876e
9
reference_url https://github.com/openstack/nova/commit/f8c91eb75fc5504a37fc3b4be1d65d33dbc9b511
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/f8c91eb75fc5504a37fc3b4be1d65d33dbc9b511
10
reference_url https://review.opendev.org/c/openstack/nova/+/849985
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/nova/+/849985
11
reference_url https://review.opendev.org/c/openstack/nova/+/850003
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/nova/+/850003
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016980
reference_id 1016980
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016980
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-37394
reference_id CVE-2022-37394
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-37394
14
reference_url https://github.com/advisories/GHSA-v725-c588-h936
reference_id GHSA-v725-c588-h936
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v725-c588-h936
15
reference_url https://usn.ubuntu.com/5866-1/
reference_id USN-5866-1
reference_type
scores
url https://usn.ubuntu.com/5866-1/
fixed_packages
0
url pkg:deb/debian/nova@2:26.0.0~rc1-3?distro=trixie
purl pkg:deb/debian/nova@2:26.0.0~rc1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.0.0~rc1-3%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2022-37394, GHSA-v725-c588-h936
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fpvj-5qws-tydy
34
url VCID-jdjj-3uf5-tyf9
vulnerability_id VCID-jdjj-3uf5-tyf9
summary virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3447
reference_id
reference_type
scores
0
value 0.00925
scoring_system epss
scoring_elements 0.76364
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3447
1
reference_url https://bugs.launchpad.net/nova/+bug/1031311
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1031311
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=845106
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=845106
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/77539
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/77539
4
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
5
reference_url https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3
6
reference_url https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-21.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-21.yaml
8
reference_url https://review.openstack.org/#/c/10953
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/10953
9
reference_url https://review.openstack.org/#/c/10953/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/10953/
10
reference_url https://web.archive.org/web/20120824003029/http://www.securityfocus.com/bid/54869
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120824003029/http://www.securityfocus.com/bid/54869
11
reference_url http://www.openwall.com/lists/oss-security/2012/08/07/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/08/07/1
12
reference_url http://www.securityfocus.com/bid/54869
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/54869
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684256
reference_id 684256
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684256
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3447
reference_id CVE-2012-3447
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3447
15
reference_url https://github.com/advisories/GHSA-xc4g-7vw8-924h
reference_id GHSA-xc4g-7vw8-924h
reference_type
scores
url https://github.com/advisories/GHSA-xc4g-7vw8-924h
16
reference_url https://usn.ubuntu.com/1545-1/
reference_id USN-1545-1
reference_type
scores
url https://usn.ubuntu.com/1545-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-6?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-6%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-3447, GHSA-xc4g-7vw8-924h, PYSEC-2012-21
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jdjj-3uf5-tyf9
35
url VCID-jdq5-r57v-6kdj
vulnerability_id VCID-jdq5-r57v-6kdj
summary 
OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
CVE-2014-3608 openstack-nova: incomplete fix for CVE-2014-2573, Nova VMware driver still leaks rescued images
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1781.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1781.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1782.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1782.html
2
reference_url https://access.redhat.com/errata/RHSA-2014:1781
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1781
3
reference_url https://access.redhat.com/errata/RHSA-2014:1782
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1782
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3608
reference_id
reference_type
scores
0
value 0.00689
scoring_system epss
scoring_elements 0.72084
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3608
5
reference_url https://bugs.launchpad.net/nova/+bug/1338830
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1338830
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1148253
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1148253
7
reference_url http://seclists.org/oss-sec/2014/q4/65
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q4/65
8
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
9
reference_url https://web.archive.org/web/20200228053850/http://www.securityfocus.com/bid/70220
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228053850/http://www.securityfocus.com/bid/70220
10
reference_url http://www.securityfocus.com/bid/70220
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/70220
11
reference_url https://access.redhat.com/security/cve/CVE-2014-3608
reference_id CVE-2014-3608
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3608
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3608
reference_id CVE-2014-3608
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3608
13
reference_url https://github.com/advisories/GHSA-92hc-c226-32q7
reference_id GHSA-92hc-c226-32q7
reference_type
scores
url https://github.com/advisories/GHSA-92hc-c226-32q7
14
reference_url https://usn.ubuntu.com/2407-1/
reference_id USN-2407-1
reference_type
scores
url https://usn.ubuntu.com/2407-1/
fixed_packages
0
url pkg:deb/debian/nova@2014.1.3-1?distro=trixie
purl pkg:deb/debian/nova@2014.1.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-3608, GHSA-92hc-c226-32q7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jdq5-r57v-6kdj
36
url VCID-kx6t-7mbh-gkc1
vulnerability_id VCID-kx6t-7mbh-gkc1
summary Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3360
reference_id
reference_type
scores
0
value 0.01381
scoring_system epss
scoring_elements 0.80592
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3360
2
reference_url https://bugs.launchpad.net/nova/+bug/1015531
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1015531
3
reference_url http://secunia.com/advisories/49763
reference_id
reference_type
scores
url http://secunia.com/advisories/49763
4
reference_url http://secunia.com/advisories/49802
reference_id
reference_type
scores
url http://secunia.com/advisories/49802
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
7
reference_url https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-38.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-38.yaml
9
reference_url https://lists.launchpad.net/openstack/msg14089.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg14089.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3360
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3360
11
reference_url http://www.securityfocus.com/bid/54277
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/54277
12
reference_url http://www.ubuntu.com/usn/USN-1497-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1497-1
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680110
reference_id 680110
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680110
14
reference_url https://usn.ubuntu.com/1497-1/
reference_id USN-1497-1
reference_type
scores
url https://usn.ubuntu.com/1497-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-2?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-3360, GHSA-m454-cm7h-rqhh, PYSEC-2012-38
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kx6t-7mbh-gkc1
37
url VCID-msfc-5x87-fqgc
vulnerability_id VCID-msfc-5x87-fqgc
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7498
reference_id
reference_type
scores
0
value 0.02248
scoring_system epss
scoring_elements 0.84855
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7498
fixed_packages
0
url pkg:deb/debian/nova@2:13.1.0-1?distro=trixie
purl pkg:deb/debian/nova@2:13.1.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:13.1.0-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2016-7498
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-msfc-5x87-fqgc
38
url VCID-ngcr-5ry9-cqa8
vulnerability_id VCID-ngcr-5ry9-cqa8
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7548
reference_id
reference_type
scores
0
value 0.00172
scoring_system epss
scoring_elements 0.38165
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7548
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:C/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/nova@2:13.0.0~rc3-1?distro=trixie
purl pkg:deb/debian/nova@2:13.0.0~rc3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:13.0.0~rc3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-7548
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngcr-5ry9-cqa8
39
url VCID-nmd6-kbb3-3fc1
vulnerability_id VCID-nmd6-kbb3-3fc1
summary The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restrictions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2654
reference_id
reference_type
scores
0
value 0.01178
scoring_system epss
scoring_elements 0.79055
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2654
1
reference_url https://bugs.launchpad.net/nova/+bug/985184
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/985184
2
reference_url http://secunia.com/advisories/46808
reference_id
reference_type
scores
url http://secunia.com/advisories/46808
3
reference_url http://secunia.com/advisories/49439
reference_id
reference_type
scores
url http://secunia.com/advisories/49439
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/76110
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/76110
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/9f9e9da777161426a6f8cb4314b78e09beac2978
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/9f9e9da777161426a6f8cb4314b78e09beac2978
7
reference_url https://github.com/openstack/nova/commit/ff06c7c885dc94ed7c828e8cdbb8b5d850a7e654
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ff06c7c885dc94ed7c828e8cdbb8b5d850a7e654
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-37.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-37.yaml
9
reference_url https://lists.launchpad.net/openstack/msg12883.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg12883.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2654
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2654
11
reference_url https://review.openstack.org/#/c/8239
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/8239
12
reference_url https://review.openstack.org/#/c/8239/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/8239/
13
reference_url http://www.ubuntu.com/usn/USN-1466-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1466-1
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676465
reference_id 676465
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676465
15
reference_url https://usn.ubuntu.com/1466-1/
reference_id USN-1466-1
reference_type
scores
url https://usn.ubuntu.com/1466-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1-6?distro=trixie
purl pkg:deb/debian/nova@2012.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1-6%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-2654, GHSA-46r8-9cj7-pw6g, PYSEC-2012-37
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmd6-kbb3-3fc1
40
url VCID-p137-11yd-4bgv
vulnerability_id VCID-p137-11yd-4bgv
summary 
OpenStack Nova logs sensitive context from notification exceptions
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:1508
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1508
1
reference_url https://access.redhat.com/errata/RHSA-2017:1595
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1595
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7214
reference_id
reference_type
scores
0
value 0.01297
scoring_system epss
scoring_elements 0.80021
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7214
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
5
reference_url https://github.com/openstack/nova/commit/3f985f1eda6f29180878a3d21c20c5057179486a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/3f985f1eda6f29180878a3d21c20c5057179486a
6
reference_url https://github.com/openstack/nova/commit/acb19160d4d348e29a21ad57c61c7369352c4d1c
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/acb19160d4d348e29a21ad57c61c7369352c4d1c
7
reference_url https://github.com/openstack/nova/commit/c2c91ce44592fc5dc2aacee1cf7f5b5cfd2e9a0a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/c2c91ce44592fc5dc2aacee1cf7f5b5cfd2e9a0a
8
reference_url https://github.com/openstack/nova/commit/e193201fa1de5b08b29adefd8c149935c5529598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/e193201fa1de5b08b29adefd8c149935c5529598
9
reference_url https://launchpad.net/bugs/1673569
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1673569
10
reference_url http://www.securityfocus.com/bid/96998
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96998
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858568
reference_id 858568
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858568
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7214
reference_id CVE-2017-7214
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7214
13
reference_url https://github.com/advisories/GHSA-f4g4-cj8f-3cr9
reference_id GHSA-f4g4-cj8f-3cr9
reference_type
scores
url https://github.com/advisories/GHSA-f4g4-cj8f-3cr9
fixed_packages
0
url pkg:deb/debian/nova@2:14.0.0-4?distro=trixie
purl pkg:deb/debian/nova@2:14.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:14.0.0-4%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2017-7214, GHSA-f4g4-cj8f-3cr9
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p137-11yd-4bgv
41
url VCID-p33s-1qnf-f7b8
vulnerability_id VCID-p33s-1qnf-f7b8
summary
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-May/000102.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-May/000102.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2096
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19437
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2096
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/0caeb8eaf20abcdc77828f5c6b79fc104619e231
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/0caeb8eaf20abcdc77828f5c6b79fc104619e231
5
reference_url https://github.com/openstack/nova/commit/44a8aba1d5da87d54db48079103fdef946666d80
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/44a8aba1d5da87d54db48079103fdef946666d80
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2096
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2096
7
reference_url https://review.openstack.org/#/c/28717
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/28717
8
reference_url https://review.openstack.org/#/c/28901
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/28901
9
reference_url https://review.openstack.org/#/c/29192
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/29192
10
reference_url https://web.archive.org/web/20130726040108/http://www.securityfocus.com/bid/59924
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130726040108/http://www.securityfocus.com/bid/59924
11
reference_url http://www.ubuntu.com/usn/USN-1831-1
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1831-1
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710157
reference_id 710157
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710157
13
reference_url https://usn.ubuntu.com/1831-1/
reference_id USN-1831-1
reference_type
scores
url https://usn.ubuntu.com/1831-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.1.2-2?distro=trixie
purl pkg:deb/debian/nova@2013.1.2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.1.2-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-2096, GHSA-m674-hmx2-ffhq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p33s-1qnf-f7b8
42
url VCID-pva3-4j9z-9kex
vulnerability_id VCID-pva3-4j9z-9kex
summary
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0091.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0091.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0231.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0231.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6419
reference_id
reference_type
scores
0
value 0.00563
scoring_system epss
scoring_elements 0.68691
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6419
3
reference_url https://bugs.launchpad.net/neutron/+bug/1235450
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1235450
4
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
5
reference_url https://github.com/openstack/nova/commit/07006be9165d1008ca0382b6f0ad25b13a676a55
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/07006be9165d1008ca0382b6f0ad25b13a676a55
6
reference_url https://github.com/openstack/nova/commit/af2f823107010933ecd94a9c938f8b739baaecb7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/af2f823107010933ecd94a9c938f8b739baaecb7
7
reference_url https://github.com/openstack/nova/commit/bce36e9bdb1fcb9658f7b684d160e656e88d816c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/bce36e9bdb1fcb9658f7b684d160e656e88d816c
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6419
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6419
9
reference_url https://review.openstack.org/#/c/61428/2/nova/api/metadata/handler.py
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/61428/2/nova/api/metadata/handler.py
10
reference_url https://review.openstack.org/#/c/61439/1/neutron/agent/metadata/agent.py
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/61439/1/neutron/agent/metadata/agent.py
11
reference_url http://www.openwall.com/lists/oss-security/2013/12/11/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/12/11/8
12
reference_url http://www.securityfocus.com/bid/64250
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/64250
fixed_packages
0
url pkg:deb/debian/nova@2013.2.1-1?distro=trixie
purl pkg:deb/debian/nova@2013.2.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-6419, GHSA-22w9-j288-8p9w
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pva3-4j9z-9kex
43
url VCID-q2pf-qwnc-5qa2
vulnerability_id VCID-q2pf-qwnc-5qa2
summary 
Exposure of Sensitive Information to an Unauthorized Actor
api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.
references
0
reference_url https://access.redhat.com/errata/RHSA-2014:0940
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0940
1
reference_url https://access.redhat.com/errata/RHSA-2014:1084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1084
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3517
reference_id
reference_type
scores
0
value 0.00398
scoring_system epss
scoring_elements 0.60899
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3517
3
reference_url https://bugs.launchpad.net/nova/+bug/1325128
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1325128
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1112499
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1112499
5
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
6
reference_url http://www.openwall.com/lists/oss-security/2014/07/17/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/07/17/2
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755042
reference_id 755042
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755042
8
reference_url https://access.redhat.com/security/cve/CVE-2014-3517
reference_id CVE-2014-3517
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3517
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3517
reference_id CVE-2014-3517
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3517
10
reference_url https://github.com/advisories/GHSA-xjmj-p278-4jp5
reference_id GHSA-xjmj-p278-4jp5
reference_type
scores
url https://github.com/advisories/GHSA-xjmj-p278-4jp5
11
reference_url https://usn.ubuntu.com/2325-1/
reference_id USN-2325-1
reference_type
scores
url https://usn.ubuntu.com/2325-1/
fixed_packages
0
url pkg:deb/debian/nova@2014.1.1-8?distro=trixie
purl pkg:deb/debian/nova@2014.1.1-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.1-8%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-3517, GHSA-xjmj-p278-4jp5
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2pf-qwnc-5qa2
44
url VCID-qgh3-k8un-tqfz
vulnerability_id VCID-qgh3-k8un-tqfz
summary OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.
references
0
reference_url http://github.com/openstack/nova/commit/05a3374992bc8ba53ddc9c491b51c4b59eed0a72
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/05a3374992bc8ba53ddc9c491b51c4b59eed0a72
1
reference_url http://github.com/openstack/nova/commit/3b0f4cf6bea33e6ee1893f6e872d968b0c309f88
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/3b0f4cf6bea33e6ee1893f6e872d968b0c309f88
2
reference_url http://github.com/openstack/nova/commit/48e81f1554ce41c3d4f7445421d19f4a8128e98d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/48e81f1554ce41c3d4f7445421d19f4a8128e98d
3
reference_url http://github.com/openstack/nova/commit/ad94a90202193335f011888db017e557b07faf8a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/ad94a90202193335f011888db017e557b07faf8a
4
reference_url http://github.com/openstack/nova/commit/e98928cf77645fdc309da894f3bd332e99482e0d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/e98928cf77645fdc309da894f3bd332e99482e0d
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0709.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0709.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0335
reference_id
reference_type
scores
0
value 0.01036
scoring_system epss
scoring_elements 0.77692
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0335
7
reference_url https://bugs.launchpad.net/nova/+bug/1125378
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1125378
8
reference_url http://secunia.com/advisories/52337
reference_id
reference_type
scores
url http://secunia.com/advisories/52337
9
reference_url http://secunia.com/advisories/52728
reference_id
reference_type
scores
url http://secunia.com/advisories/52728
10
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-43.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-43.yaml
12
reference_url https://review.openstack.org/#/c/22086
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/22086
13
reference_url https://review.openstack.org/#/c/22086/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/22086/
14
reference_url https://review.openstack.org/#/c/22758
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/22758
15
reference_url https://review.openstack.org/#/c/22872
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/22872
16
reference_url https://review.openstack.org/#/c/22872/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/22872/
17
reference_url http://www.openwall.com/lists/oss-security/2013/02/26/7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/26/7
18
reference_url http://www.osvdb.org/90657
reference_id
reference_type
scores
url http://www.osvdb.org/90657
19
reference_url http://www.ubuntu.com/usn/USN-1771-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1771-1
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701773
reference_id 701773
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701773
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0335
reference_id CVE-2013-0335
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0335
22
reference_url https://github.com/advisories/GHSA-qfp8-hfqx-c79c
reference_id GHSA-qfp8-hfqx-c79c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qfp8-hfqx-c79c
23
reference_url https://usn.ubuntu.com/1771-1/
reference_id USN-1771-1
reference_type
scores
url https://usn.ubuntu.com/1771-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-14?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-14?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-14%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-0335, GHSA-qfp8-hfqx-c79c, PYSEC-2013-43
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qgh3-k8un-tqfz
45
url VCID-qkwv-cmuz-hubn
vulnerability_id VCID-qkwv-cmuz-hubn
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0030
reference_id
reference_type
scores
0
value 0.00549
scoring_system epss
scoring_elements 0.68245
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0030
1
reference_url https://usn.ubuntu.com/1326-1/
reference_id USN-1326-1
reference_type
scores
url https://usn.ubuntu.com/1326-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1~rc1-1?distro=trixie
purl pkg:deb/debian/nova@2012.1~rc1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1~rc1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-0030
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkwv-cmuz-hubn
46
url VCID-qmtt-dars-5ba8
vulnerability_id VCID-qmtt-dars-5ba8
summary OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).
references
0
reference_url http://osvdb.org/88419
reference_id
reference_type
scores
url http://osvdb.org/88419
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0208.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0208.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5625
reference_id
reference_type
scores
0
value 0.01057
scoring_system epss
scoring_elements 0.77915
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5625
3
reference_url https://bugs.launchpad.net/nova/+bug/1070539
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1070539
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=884293
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=884293
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f
7
reference_url https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-41.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-41.yaml
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-42.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-42.yaml
10
reference_url https://launchpad.net/nova/folsom/2012.2.2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/nova/folsom/2012.2.2
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5625
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5625
12
reference_url http://www.openwall.com/lists/oss-security/2012/12/11/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/12/11/5
13
reference_url http://www.securityfocus.com/bid/56904
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/56904
14
reference_url http://www.ubuntu.com/usn/USN-1663-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1663-1
15
reference_url https://usn.ubuntu.com/1663-1/
reference_id USN-1663-1
reference_type
scores
url https://usn.ubuntu.com/1663-1/
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-5625, GHSA-rwhr-h69g-8qmq, PYSEC-2012-41, PYSEC-2012-42
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmtt-dars-5ba8
47
url VCID-qsba-b5ru-hbbw
vulnerability_id VCID-qsba-b5ru-hbbw
summary 
OpenStack Nova Long server names grow nova-api log files significantly
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
references
0
reference_url http://github.com/openstack/nova/commit/0fa7d12dbfb7ae016657dd91034b4c0781ea43de
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/0fa7d12dbfb7ae016657dd91034b4c0781ea43de
1
reference_url http://github.com/openstack/nova/commit/1ebec5726c7a9db0a6f29fad0ef747b0c087f702
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/1ebec5726c7a9db0a6f29fad0ef747b0c087f702
2
reference_url http://github.com/openstack/nova/commit/c7f526fae6062e9ab51f65474af71d496aa66554
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/c7f526fae6062e9ab51f65474af71d496aa66554
3
reference_url http://github.com/openstack/nova/commit/c869a41951b77c6930bf4fb4734f05cd3d6ac4b1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/c869a41951b77c6930bf4fb4734f05cd3d6ac4b1
4
reference_url http://lwn.net/Alerts/491298
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lwn.net/Alerts/491298
5
reference_url http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1585
reference_id
reference_type
scores
0
value 0.00475
scoring_system epss
scoring_elements 0.65115
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1585
7
reference_url https://bugs.launchpad.net/nova/+bug/962515
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/962515
8
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666888
reference_id 666888
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666888
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1585
reference_id CVE-2012-1585
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1585
11
reference_url https://github.com/advisories/GHSA-pjvw-p2v5-wf6q
reference_id GHSA-pjvw-p2v5-wf6q
reference_type
scores
url https://github.com/advisories/GHSA-pjvw-p2v5-wf6q
12
reference_url https://usn.ubuntu.com/1413-1/
reference_id USN-1413-1
reference_type
scores
url https://usn.ubuntu.com/1413-1/
fixed_packages
0
url pkg:deb/debian/nova@2012-1~rc3-1?distro=trixie
purl pkg:deb/debian/nova@2012-1~rc3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012-1~rc3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-1585, GHSA-pjvw-p2v5-wf6q
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsba-b5ru-hbbw
48
url VCID-qzs3-yx8x-7qfb
vulnerability_id VCID-qzs3-yx8x-7qfb
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7230
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31025
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7230
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765704
reference_id 765704
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765704
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765714
reference_id 765714
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765714
3
reference_url https://usn.ubuntu.com/2405-1/
reference_id USN-2405-1
reference_type
scores
url https://usn.ubuntu.com/2405-1/
4
reference_url https://usn.ubuntu.com/2407-1/
reference_id USN-2407-1
reference_type
scores
url https://usn.ubuntu.com/2407-1/
fixed_packages
0
url pkg:deb/debian/nova@2014.1.3-5?distro=trixie
purl pkg:deb/debian/nova@2014.1.3-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.3-5%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-7230
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzs3-yx8x-7qfb
49
url VCID-rk1s-qbb6-2yh5
vulnerability_id VCID-rk1s-qbb6-2yh5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2088.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2088.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-2088
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.31499
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-2088
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035932
reference_id 1035932
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035932
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035961
reference_id 1035961
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035961
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035962
reference_id 1035962
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035962
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035963
reference_id 1035963
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035963
7
reference_url https://bugs.launchpad.net/bugs/2004555
reference_id 2004555
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T15:40:54Z/
url https://bugs.launchpad.net/bugs/2004555
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179587
reference_id 2179587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179587
9
reference_url https://security.openstack.org/ossa/OSSA-2023-003.html
reference_id OSSA-2023-003.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T15:40:54Z/
url https://security.openstack.org/ossa/OSSA-2023-003.html
10
reference_url https://access.redhat.com/errata/RHSA-2023:3156
reference_id RHSA-2023:3156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3156
11
reference_url https://access.redhat.com/errata/RHSA-2023:3157
reference_id RHSA-2023:3157
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3157
12
reference_url https://access.redhat.com/errata/RHSA-2023:3158
reference_id RHSA-2023:3158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3158
13
reference_url https://access.redhat.com/errata/RHSA-2023:3161
reference_id RHSA-2023:3161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3161
14
reference_url https://usn.ubuntu.com/6073-1/
reference_id USN-6073-1
reference_type
scores
url https://usn.ubuntu.com/6073-1/
15
reference_url https://usn.ubuntu.com/6073-2/
reference_id USN-6073-2
reference_type
scores
url https://usn.ubuntu.com/6073-2/
16
reference_url https://usn.ubuntu.com/6073-3/
reference_id USN-6073-3
reference_type
scores
url https://usn.ubuntu.com/6073-3/
17
reference_url https://usn.ubuntu.com/6073-4/
reference_id USN-6073-4
reference_type
scores
url https://usn.ubuntu.com/6073-4/
18
reference_url https://usn.ubuntu.com/6241-1/
reference_id USN-6241-1
reference_type
scores
url https://usn.ubuntu.com/6241-1/
fixed_packages
0
url pkg:deb/debian/nova@2:26.1.0-4?distro=trixie
purl pkg:deb/debian/nova@2:26.1.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.1.0-4%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2023-2088
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rk1s-qbb6-2yh5
50
url VCID-s6r7-gev3-e7fk
vulnerability_id VCID-s6r7-gev3-e7fk
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-9543
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.2422
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-9543
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/openstack/nova/commit/08f1f914cc219cf526adfb08c46b8f40b4e78232
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/08f1f914cc219cf526adfb08c46b8f40b4e78232
3
reference_url https://github.com/openstack/nova/commit/26d4047e17eba9bc271f8868f1d0ffeec97b555e
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/26d4047e17eba9bc271f8868f1d0ffeec97b555e
4
reference_url https://github.com/openstack/nova/commit/d8fbf04f325f593836f8d44b6bbf42b85bde94e3
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/d8fbf04f325f593836f8d44b6bbf42b85bde94e3
5
reference_url https://launchpad.net/bugs/1492140
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1492140
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-9543
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-9543
7
reference_url https://review.opendev.org/220622
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/220622
8
reference_url https://security.openstack.org/ossa/OSSA-2020-001.html
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-001.html
9
reference_url http://www.openwall.com/lists/oss-security/2020/02/19/2
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/19/2
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951635
reference_id 951635
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951635
11
reference_url https://usn.ubuntu.com/5866-1/
reference_id USN-5866-1
reference_type
scores
url https://usn.ubuntu.com/5866-1/
fixed_packages
0
url pkg:deb/debian/nova@2:20.1.1-1?distro=trixie
purl pkg:deb/debian/nova@2:20.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:20.1.1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2015-9543, GHSA-22jm-4hxw-35jf
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6r7-gev3-e7fk
51
url VCID-t13y-haaf-7bfk
vulnerability_id VCID-t13y-haaf-7bfk
summary
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1199.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1199.html
1
reference_url https://access.redhat.com/errata/RHSA-2013:1199
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:1199
2
reference_url https://access.redhat.com/security/cve/CVE-2013-4179
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-4179
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4179
reference_id
reference_type
scores
0
value 0.00669
scoring_system epss
scoring_elements 0.71678
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4179
4
reference_url https://bugs.launchpad.net/ossa/+bug/1190229
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1190229
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=989707
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=989707
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4179
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4179
7
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
8
reference_url http://www.ubuntu.com/usn/USN-2005-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2005-1
9
reference_url https://usn.ubuntu.com/2000-1/
reference_id USN-2000-1
reference_type
scores
url https://usn.ubuntu.com/2000-1/
10
reference_url https://usn.ubuntu.com/2005-1/
reference_id USN-2005-1
reference_type
scores
url https://usn.ubuntu.com/2005-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.1.3-1?distro=trixie
purl pkg:deb/debian/nova@2013.1.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.1.3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4179, GHSA-j6xh-q826-55jw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t13y-haaf-7bfk
52
url VCID-tzk5-1nfn-eyg9
vulnerability_id VCID-tzk5-1nfn-eyg9
summary virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083969.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083969.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3361
reference_id
reference_type
scores
0
value 0.01377
scoring_system epss
scoring_elements 0.80568
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3361
3
reference_url https://bugs.launchpad.net/nova/+bug/1015531
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1015531
4
reference_url http://secunia.com/advisories/49763
reference_id
reference_type
scores
url http://secunia.com/advisories/49763
5
reference_url http://secunia.com/advisories/49802
reference_id
reference_type
scores
url http://secunia.com/advisories/49802
6
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
7
reference_url https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
8
reference_url https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-39.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-39.yaml
10
reference_url https://lists.launchpad.net/openstack/msg14089.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg14089.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3361
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3361
12
reference_url https://review.openstack.org/#/c/9268
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/9268
13
reference_url https://review.openstack.org/#/c/9268/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/9268/
14
reference_url http://www.securityfocus.com/bid/54278
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/54278
15
reference_url http://www.ubuntu.com/usn/USN-1497-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1497-1
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680110
reference_id 680110
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680110
17
reference_url https://usn.ubuntu.com/1497-1/
reference_id USN-1497-1
reference_type
scores
url https://usn.ubuntu.com/1497-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-2?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-3361, GHSA-cm54-3vvf-f5p8, PYSEC-2012-39
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzk5-1nfn-eyg9
53
url VCID-u19q-tztn-gbdk
vulnerability_id VCID-u19q-tztn-gbdk
summary 
OpenStack Nova calls qemu-img without format restrictions for resize
An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in an unsafe image resize operation that could destroy data on the host system. Only compute nodes using the Flat image backend (usually configured with use_cow_images=False) are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24708.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24708
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05485
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24708
2
reference_url https://bugs.launchpad.net/nova/+bug/2137507
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-19T19:07:53Z/
url https://bugs.launchpad.net/nova/+bug/2137507
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/3eba22ff09c81a61750fbb4882e5f1f01a20fdf5
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/3eba22ff09c81a61750fbb4882e5f1f01a20fdf5
5
reference_url https://lists.debian.org/debian-lts-announce/2026/02/msg00025.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2026/02/msg00025.html
6
reference_url https://www.openwall.com/lists/oss-security/2026/02/17/7
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-19T19:07:53Z/
url https://www.openwall.com/lists/oss-security/2026/02/17/7
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128294
reference_id 1128294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128294
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430312
reference_id 2430312
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430312
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24708
reference_id CVE-2026-24708
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24708
10
reference_url https://github.com/advisories/GHSA-m4f3-qp2w-gwh6
reference_id GHSA-m4f3-qp2w-gwh6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m4f3-qp2w-gwh6
11
reference_url https://access.redhat.com/errata/RHSA-2026:7884
reference_id RHSA-2026:7884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7884
12
reference_url https://usn.ubuntu.com/8049-1/
reference_id USN-8049-1
reference_type
scores
url https://usn.ubuntu.com/8049-1/
fixed_packages
0
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.4.0-1~deb11u7?distro=trixie
purl pkg:deb/debian/nova@2:22.4.0-1~deb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.4.0-1~deb11u7%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:32.1.0-7?distro=trixie
purl pkg:deb/debian/nova@2:32.1.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:32.1.0-7%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2026-24708, GHSA-m4f3-qp2w-gwh6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u19q-tztn-gbdk
54
url VCID-u36z-5drx-vfce
vulnerability_id VCID-u36z-5drx-vfce
summary 
OpenStack Nova DoS through ephemeral disk backing files
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0231.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0231.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6437
reference_id
reference_type
scores
0
value 0.00434
scoring_system epss
scoring_elements 0.63104
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6437
3
reference_url https://bugs.launchpad.net/nova/+bug/1253980
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1253980
4
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
5
reference_url https://github.com/openstack/nova/commit/3e451f1bac57d24e47171cffb3ad59bb1610d836
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/3e451f1bac57d24e47171cffb3ad59bb1610d836
6
reference_url https://github.com/openstack/nova/commit/6e455cd97f04bf26bbe022be17c57e089cf502f4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/6e455cd97f04bf26bbe022be17c57e089cf502f4
7
reference_url https://github.com/openstack/nova/commit/ca38774ebcf5b67d16c202c8f218c0c433973ca9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ca38774ebcf5b67d16c202c8f218c0c433973ca9
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6437
reference_id CVE-2013-6437
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6437
9
reference_url https://github.com/advisories/GHSA-hrv9-4x4c-9jc8
reference_id GHSA-hrv9-4x4c-9jc8
reference_type
scores
url https://github.com/advisories/GHSA-hrv9-4x4c-9jc8
fixed_packages
0
url pkg:deb/debian/nova@2013.2.2?distro=trixie
purl pkg:deb/debian/nova@2013.2.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-6437, GHSA-hrv9-4x4c-9jc8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u36z-5drx-vfce
55
url VCID-u7ma-975h-ebbr
vulnerability_id VCID-u7ma-975h-ebbr
summary The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3371
reference_id
reference_type
scores
0
value 0.00881
scoring_system epss
scoring_elements 0.75679
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3371
1
reference_url https://bugs.launchpad.net/nova/+bug/1017795
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1017795
2
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
3
reference_url https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-40.yaml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-40.yaml
5
reference_url https://lists.launchpad.net/openstack/msg14452.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg14452.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3371
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3371
7
reference_url http://www.openwall.com/lists/oss-security/2012/07/11/13
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/11/13
8
reference_url http://www.securityfocus.com/bid/54388
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/54388
9
reference_url http://www.ubuntu.com/usn/USN-1501-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1501-1
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681301
reference_id 681301
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681301
11
reference_url https://usn.ubuntu.com/1501-1/
reference_id USN-1501-1
reference_type
scores
url https://usn.ubuntu.com/1501-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1.1-5?distro=trixie
purl pkg:deb/debian/nova@2012.1.1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1.1-5%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2012-3371, GHSA-xxgm-qpj5-4886, PYSEC-2012-40
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7ma-975h-ebbr
56
url VCID-uyea-wvyg-gyd1
vulnerability_id VCID-uyea-wvyg-gyd1
summary 
OpenStack Nova DoS by rebuilding the same instance with a new image multiple times
An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17051
reference_id
reference_type
scores
0
value 0.00841
scoring_system epss
scoring_elements 0.75034
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17051
1
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
2
reference_url https://github.com/openstack/nova/commit/25a1d78e83065c5bea5d8e0a017fd9d0914d41d9
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/25a1d78e83065c5bea5d8e0a017fd9d0914d41d9
3
reference_url https://github.com/openstack/nova/commit/fed660c1189fdf4159d97badfdc8c5b35ad14f23
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/fed660c1189fdf4159d97badfdc8c5b35ad14f23
4
reference_url https://launchpad.net/bugs/1732976
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1732976
5
reference_url https://review.openstack.org/521662
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/521662
6
reference_url https://review.openstack.org/523214
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/523214
7
reference_url https://security.openstack.org/ossa/OSSA-2017-006.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2017-006.html
8
reference_url http://www.securityfocus.com/bid/102102
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/102102
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883621
reference_id 883621
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883621
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-17051
reference_id CVE-2017-17051
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-17051
11
reference_url https://github.com/advisories/GHSA-vq76-rxx3-4r4r
reference_id GHSA-vq76-rxx3-4r4r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vq76-rxx3-4r4r
fixed_packages
0
url pkg:deb/debian/nova@2:16.0.3-6?distro=trixie
purl pkg:deb/debian/nova@2:16.0.3-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:16.0.3-6%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2017-17051, GHSA-vq76-rxx3-4r4r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyea-wvyg-gyd1
57
url VCID-vr1y-xf1h-gbhf
vulnerability_id VCID-vr1y-xf1h-gbhf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40767.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40767.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-40767
reference_id
reference_type
scores
0
value 0.00835
scoring_system epss
scoring_elements 0.74947
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-40767
2
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
3
reference_url https://launchpad.net/bugs/2071734
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://launchpad.net/bugs/2071734
4
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
5
reference_url https://review.opendev.org/c/openstack/nova/+/924731
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/nova/+/924731
6
reference_url https://security.openstack.org
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://security.openstack.org
7
reference_url https://security.openstack.org/ossa/OSSA-2024-002.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://security.openstack.org/ossa/OSSA-2024-002.html
8
reference_url https://www.openwall.com/lists/oss-security/2024/07/23/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://www.openwall.com/lists/oss-security/2024/07/23/2
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2297217
reference_id 2297217
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2297217
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-40767
reference_id CVE-2024-40767
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-40767
11
reference_url https://github.com/advisories/GHSA-rm86-h44c-2r2m
reference_id GHSA-rm86-h44c-2r2m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rm86-h44c-2r2m
12
reference_url https://access.redhat.com/errata/RHSA-2024:5082
reference_id RHSA-2024:5082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5082
13
reference_url https://access.redhat.com/errata/RHSA-2024:5083
reference_id RHSA-2024:5083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5083
14
reference_url https://access.redhat.com/errata/RHSA-2024:5097
reference_id RHSA-2024:5097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5097
15
reference_url https://access.redhat.com/errata/RHSA-2024:5113
reference_id RHSA-2024:5113
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5113
16
reference_url https://usn.ubuntu.com/6911-1/
reference_id USN-6911-1
reference_type
scores
url https://usn.ubuntu.com/6911-1/
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2024-40767, GHSA-rm86-h44c-2r2m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vr1y-xf1h-gbhf
58
url VCID-wdf1-puxa-17hb
vulnerability_id VCID-wdf1-puxa-17hb
summary The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html
2
reference_url http://osvdb.org/102416
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://osvdb.org/102416
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-0231.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0231.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7130
reference_id
reference_type
scores
0
value 0.03132
scoring_system epss
scoring_elements 0.87099
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7130
5
reference_url https://bugs.launchpad.net/nova/+bug/1251590
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1251590
6
reference_url http://secunia.com/advisories/56450
reference_id
reference_type
scores
url http://secunia.com/advisories/56450
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/90652
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/90652
8
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
9
reference_url https://github.com/openstack/nova/commit/15ee7e17f63f5583307a546ecf28952c364c88f9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/15ee7e17f63f5583307a546ecf28952c364c88f9
10
reference_url https://github.com/openstack/nova/commit/b0d36683fe064b32cbef013e1c0c46bd018ab9a1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b0d36683fe064b32cbef013e1c0c46bd018ab9a1
11
reference_url https://github.com/openstack/nova/commit/cbeb5e51886b0296349fc476305bfe3d63c627c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/cbeb5e51886b0296349fc476305bfe3d63c627c3
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-111.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-111.yaml
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7130
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7130
14
reference_url https://review.openstack.org/#/c/68658
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/68658
15
reference_url https://review.openstack.org/#/c/68658/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/68658/
16
reference_url https://review.openstack.org/#/c/68659
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/68659
17
reference_url https://review.openstack.org/#/c/68659/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/68659/
18
reference_url https://review.openstack.org/#/c/68660
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/68660
19
reference_url https://review.openstack.org/#/c/68660/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/68660/
20
reference_url http://www.openwall.com/lists/oss-security/2014/01/23/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/01/23/5
21
reference_url http://www.securityfocus.com/bid/65106
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65106
22
reference_url http://www.ubuntu.com/usn/USN-2247-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2247-1
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736465
reference_id 736465
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736465
24
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2.2?distro=trixie
purl pkg:deb/debian/nova@2013.2.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-7130, GHSA-99rx-9x8v-9j8p, PYSEC-2014-111
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdf1-puxa-17hb
59
url VCID-xash-dc2m-2fa3
vulnerability_id VCID-xash-dc2m-2fa3
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4469
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19063
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4469
1
reference_url https://bugs.launchpad.net/nova/+bug/1206081
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1206081
2
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
3
reference_url https://github.com/openstack/nova/commit/135faa7b5d9855312bedc19e5e1ecebae34d3d18
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/135faa7b5d9855312bedc19e5e1ecebae34d3d18
4
reference_url https://github.com/openstack/nova/commit/3cdfe894ab58f7b91bf7fb690fc5bc724e44066f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/3cdfe894ab58f7b91bf7fb690fc5bc724e44066f
5
reference_url https://github.com/openstack/nova/commit/f6810be4ae1a6c93e7d8017ee67d5344dfdf4a30
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/f6810be4ae1a6c93e7d8017ee67d5344dfdf4a30
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4469
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4469
7
reference_url http://www.openwall.com/lists/oss-security/2013/10/31/3
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/10/31/3
8
reference_url http://www.ubuntu.com/usn/USN-2247-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2247-1
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728605
reference_id 728605
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728605
10
reference_url https://usn.ubuntu.com/2247-1/
reference_id USN-2247-1
reference_type
scores
url https://usn.ubuntu.com/2247-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.2-3?distro=trixie
purl pkg:deb/debian/nova@2013.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2-3%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4469, GHSA-2w87-5qcj-j6gx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xash-dc2m-2fa3
60
url VCID-xauw-u24d-uqfu
vulnerability_id VCID-xauw-u24d-uqfu
summary 
OpenStack Nova Filter Scheduler Bypass
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0241
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0241
1
reference_url https://access.redhat.com/errata/RHSA-2018:0314
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0314
2
reference_url https://access.redhat.com/errata/RHSA-2018:0369
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0369
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16239
reference_id
reference_type
scores
0
value 0.00385
scoring_system epss
scoring_elements 0.60038
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16239
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:N/A:P
1
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/698b261a5a2a6c0f31ef5059046ef7196d5cba30
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/698b261a5a2a6c0f31ef5059046ef7196d5cba30
7
reference_url https://github.com/openstack/nova/commit/984dd8ad6add4523d93c7ce5a666a32233e02e34
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/984dd8ad6add4523d93c7ce5a666a32233e02e34
8
reference_url https://github.com/openstack/nova/commit/9e2d63da94db63d97bd02e373bfc53d95808b833
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/9e2d63da94db63d97bd02e373bfc53d95808b833
9
reference_url https://github.com/openstack/nova/commit/b72105c1c49fcddc94992af63fc2f8078023491a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b72105c1c49fcddc94992af63fc2f8078023491a
10
reference_url https://launchpad.net/bugs/1664931
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1664931
11
reference_url https://security.openstack.org/ossa/OSSA-2017-005.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2017-005.html
12
reference_url https://www.debian.org/security/2017/dsa-4056
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4056
13
reference_url http://www.securityfocus.com/bid/101950
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101950
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882009
reference_id 882009
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882009
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16239
reference_id CVE-2017-16239
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-16239
16
reference_url https://github.com/advisories/GHSA-w2wf-cgwh-vpqg
reference_id GHSA-w2wf-cgwh-vpqg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2wf-cgwh-vpqg
fixed_packages
0
url pkg:deb/debian/nova@2:16.0.3-1?distro=trixie
purl pkg:deb/debian/nova@2:16.0.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:16.0.3-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2017-16239, GHSA-w2wf-cgwh-vpqg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xauw-u24d-uqfu
61
url VCID-ywya-kfum-mke1
vulnerability_id VCID-ywya-kfum-mke1
summary An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17376
reference_id
reference_type
scores
0
value 0.00385
scoring_system epss
scoring_elements 0.60027
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17376
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
3
reference_url https://github.com/openstack/nova/commit/1bb8ee95d4c3ddc3f607ac57526b75af1b7fbcff
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/1bb8ee95d4c3ddc3f607ac57526b75af1b7fbcff
4
reference_url https://github.com/openstack/nova/commit/2faf17995dd9daa6f0b91e44be43264e447c678d
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/2faf17995dd9daa6f0b91e44be43264e447c678d
5
reference_url https://github.com/openstack/nova/commit/a721ca5f510ce3c8ef24f22dac9e475b3d7651db
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/a721ca5f510ce3c8ef24f22dac9e475b3d7651db
6
reference_url https://github.com/openstack/nova/commit/b9ea91d17703f5b324a50727b6503ace0f4e95eb
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/b9ea91d17703f5b324a50727b6503ace0f4e95eb
7
reference_url https://github.com/openstack/nova/commit/c438fd9a0eb1903306a53ab44e3ae80660d8a429
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/c438fd9a0eb1903306a53ab44e3ae80660d8a429
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2020-243.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2020-243.yaml
9
reference_url https://launchpad.net/bugs/1890501
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1890501
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-17376
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-17376
11
reference_url https://security.openstack.org/ossa/OSSA-2020-006.html
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-006.html
12
reference_url http://www.openwall.com/lists/oss-security/2020/08/25/4
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/08/25/4
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969052
reference_id 969052
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969052
14
reference_url https://usn.ubuntu.com/5866-1/
reference_id USN-5866-1
reference_type
scores
url https://usn.ubuntu.com/5866-1/
fixed_packages
0
url pkg:deb/debian/nova@2:21.1.0-1?distro=trixie
purl pkg:deb/debian/nova@2:21.1.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:21.1.0-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2020-17376, GHSA-c7w7-9c85-4qxv, PYSEC-2020-243
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywya-kfum-mke1
62
url VCID-z1bn-znt4-57cg
vulnerability_id VCID-z1bn-znt4-57cg
summary 
OpenStack Nova VMware instance leak potentially leading to compute DoS
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0843.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0843.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0844.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8333
reference_id
reference_type
scores
0
value 0.00736
scoring_system epss
scoring_elements 0.73134
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8333
4
reference_url https://bugs.launchpad.net/nova/+bug/1359138
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1359138
5
reference_url http://secunia.com/advisories/60531
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60531
6
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
7
reference_url https://github.com/openstack/nova/commit/d71445c7d2d2921d10a08f82330f0ab8ef4f7df2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/d71445c7d2d2921d10a08f82330f0ab8ef4f7df2
8
reference_url https://github.com/openstack/nova/commit/e1f8664c9fa83f77f5bb763ffcc3157905ed954c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/e1f8664c9fa83f77f5bb763ffcc3157905ed954c
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8333
reference_id CVE-2014-8333
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-8333
10
reference_url https://github.com/advisories/GHSA-g63p-mfcm-54c4
reference_id GHSA-g63p-mfcm-54c4
reference_type
scores
url https://github.com/advisories/GHSA-g63p-mfcm-54c4
fixed_packages
0
url pkg:deb/debian/nova@2014.1.3-7?distro=trixie
purl pkg:deb/debian/nova@2014.1.3-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2014.1.3-7%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2014-8333, GHSA-g63p-mfcm-54c4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z1bn-znt4-57cg
63
url VCID-zv1m-f3pu-uqdc
vulnerability_id VCID-zv1m-f3pu-uqdc
summary 
OpenStack Nova Denial of Service in network source security groups
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests.
references
0
reference_url http://github.com/openstack/nova/commit/52ad911963da4095b213952dee3a430fe0c4c30f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/52ad911963da4095b213952dee3a430fe0c4c30f
1
reference_url http://github.com/openstack/nova/commit/85aac04704350566d6b06aa7a3b99649946c672c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/85aac04704350566d6b06aa7a3b99649946c672c
2
reference_url http://github.com/openstack/nova/commit/d4ee081c5c0a5132781235177c430ebcf72b0b0b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://github.com/openstack/nova/commit/d4ee081c5c0a5132781235177c430ebcf72b0b0b
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1199.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1199.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4185
reference_id
reference_type
scores
0
value 0.00583
scoring_system epss
scoring_elements 0.69296
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4185
5
reference_url https://bugs.launchpad.net/nova/+bug/1184041
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1184041
6
reference_url http://seclists.org/oss-sec/2013/q3/282
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/282
7
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718907
reference_id 718907
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718907
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4185
reference_id CVE-2013-4185
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4185
10
reference_url https://github.com/advisories/GHSA-ph2h-hh49-vh27
reference_id GHSA-ph2h-hh49-vh27
reference_type
scores
url https://github.com/advisories/GHSA-ph2h-hh49-vh27
11
reference_url https://usn.ubuntu.com/2000-1/
reference_id USN-2000-1
reference_type
scores
url https://usn.ubuntu.com/2000-1/
fixed_packages
0
url pkg:deb/debian/nova@2013.1.2-3?distro=trixie
purl pkg:deb/debian/nova@2013.1.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.1.2-3%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2013-4185, GHSA-ph2h-hh49-vh27
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zv1m-f3pu-uqdc
64
url VCID-zww8-cs3r-9yax
vulnerability_id VCID-zww8-cs3r-9yax
summary 
OpenStack Nova Multiple directory traversal vulnerabilities
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4596
reference_id
reference_type
scores
0
value 0.00541
scoring_system epss
scoring_elements 0.67937
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4596
1
reference_url https://bugs.launchpad.net/nova/+bug/885167
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/885167
2
reference_url https://bugs.launchpad.net/nova/+bug/894755
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/894755
3
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
4
reference_url https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6
5
reference_url https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e
6
reference_url https://lists.launchpad.net/openstack/msg06105.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg06105.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4596
reference_id CVE-2011-4596
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4596
8
reference_url https://github.com/advisories/GHSA-qr62-r9xc-r2gj
reference_id GHSA-qr62-r9xc-r2gj
reference_type
scores
url https://github.com/advisories/GHSA-qr62-r9xc-r2gj
9
reference_url https://usn.ubuntu.com/1305-1/
reference_id USN-1305-1
reference_type
scores
url https://usn.ubuntu.com/1305-1/
fixed_packages
0
url pkg:deb/debian/nova@2012.1~e1-4?distro=trixie
purl pkg:deb/debian/nova@2012.1~e1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2012.1~e1-4%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ajec-k7qb-6yek
1
vulnerability VCID-fpvj-5qws-tydy
2
vulnerability VCID-rk1s-qbb6-2yh5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u4%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie
aliases CVE-2011-4596, GHSA-qr62-r9xc-r2gj
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zww8-cs3r-9yax
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.1-2%3Fdistro=trixie