Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/nova@2014.2.0
Typepypi
Namespace
Namenova
Version2014.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1p1c-fevy-bydg
vulnerability_id VCID-1p1c-fevy-bydg
summary 
Insufficient Verification of Data Authenticity
It was discovered that the OpenStack Compute (nova) console websocket does not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0790.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0790.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0843.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0843.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0844.html
4
reference_url https://access.redhat.com/errata/RHSA-2015:0790
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0790
5
reference_url https://access.redhat.com/errata/RHSA-2015:0843
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0843
6
reference_url https://access.redhat.com/errata/RHSA-2015:0844
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0844
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0259.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0259.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0259
reference_id
reference_type
scores
0
value 0.00205
scoring_system epss
scoring_elements 0.42555
published_at 2026-04-24T12:55:00Z
1
value 0.00205
scoring_system epss
scoring_elements 0.42665
published_at 2026-04-12T12:55:00Z
2
value 0.00205
scoring_system epss
scoring_elements 0.42648
published_at 2026-04-13T12:55:00Z
3
value 0.00205
scoring_system epss
scoring_elements 0.42708
published_at 2026-04-16T12:55:00Z
4
value 0.00205
scoring_system epss
scoring_elements 0.42694
published_at 2026-04-18T12:55:00Z
5
value 0.00205
scoring_system epss
scoring_elements 0.42631
published_at 2026-04-21T12:55:00Z
6
value 0.00205
scoring_system epss
scoring_elements 0.42576
published_at 2026-04-01T12:55:00Z
7
value 0.00205
scoring_system epss
scoring_elements 0.42646
published_at 2026-04-02T12:55:00Z
8
value 0.00205
scoring_system epss
scoring_elements 0.42674
published_at 2026-04-04T12:55:00Z
9
value 0.00205
scoring_system epss
scoring_elements 0.42615
published_at 2026-04-07T12:55:00Z
10
value 0.00205
scoring_system epss
scoring_elements 0.42666
published_at 2026-04-08T12:55:00Z
11
value 0.00205
scoring_system epss
scoring_elements 0.42678
published_at 2026-04-09T12:55:00Z
12
value 0.00205
scoring_system epss
scoring_elements 0.42701
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0259
9
reference_url https://bugs.launchpad.net/nova/+bug/1409142
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1409142
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1190112
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1190112
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0259
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0259
12
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780250
reference_id 780250
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780250
14
reference_url https://access.redhat.com/security/cve/CVE-2015-0259
reference_id CVE-2015-0259
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-0259
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0259
reference_id CVE-2015-0259
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0259
16
reference_url https://github.com/advisories/GHSA-x8xr-rm9r-7mvf
reference_id GHSA-x8xr-rm9r-7mvf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x8xr-rm9r-7mvf
fixed_packages
0
url pkg:pypi/nova@2014.2.3
purl pkg:pypi/nova@2014.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/nova@2014.2.3
aliases CVE-2015-0259, GHSA-x8xr-rm9r-7mvf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1p1c-fevy-bydg
1
url VCID-bauj-n7jg-gkd2
vulnerability_id VCID-bauj-n7jg-gkd2
summary 
OpenStack Compute (Nova) Denial of Service vulnerability
A denial of service flaw was found in the way OpenStack Compute (nova) looked up VM instances based on an IP address filter. An attacker with sufficient privileges on an OpenStack installation with a large amount of VMs could use this flaw to cause the main nova process to block for an extended amount of time.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0843.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0843.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0844.html
3
reference_url https://access.redhat.com/errata/RHSA-2015:0843
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0843
4
reference_url https://access.redhat.com/errata/RHSA-2015:0844
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:0844
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3708.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3708.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3708
reference_id
reference_type
scores
0
value 0.01057
scoring_system epss
scoring_elements 0.77595
published_at 2026-04-09T12:55:00Z
1
value 0.01057
scoring_system epss
scoring_elements 0.77666
published_at 2026-04-24T12:55:00Z
2
value 0.01057
scoring_system epss
scoring_elements 0.77634
published_at 2026-04-21T12:55:00Z
3
value 0.01057
scoring_system epss
scoring_elements 0.77588
published_at 2026-04-08T12:55:00Z
4
value 0.01057
scoring_system epss
scoring_elements 0.77622
published_at 2026-04-11T12:55:00Z
5
value 0.01057
scoring_system epss
scoring_elements 0.7764
published_at 2026-04-18T12:55:00Z
6
value 0.01057
scoring_system epss
scoring_elements 0.77545
published_at 2026-04-01T12:55:00Z
7
value 0.01057
scoring_system epss
scoring_elements 0.77642
published_at 2026-04-16T12:55:00Z
8
value 0.01057
scoring_system epss
scoring_elements 0.77604
published_at 2026-04-13T12:55:00Z
9
value 0.01057
scoring_system epss
scoring_elements 0.77551
published_at 2026-04-02T12:55:00Z
10
value 0.01057
scoring_system epss
scoring_elements 0.77606
published_at 2026-04-12T12:55:00Z
11
value 0.01057
scoring_system epss
scoring_elements 0.77578
published_at 2026-04-04T12:55:00Z
12
value 0.01057
scoring_system epss
scoring_elements 0.77558
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3708
7
reference_url https://bugs.launchpad.net/nova/+bug/1358583
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1358583
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1154951
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1154951
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3708
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://opendev.org/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/nova
12
reference_url https://web.archive.org/web/20200901000000*/http://www.securityfocus.com/bid/70777
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200901000000*/http://www.securityfocus.com/bid/70777
13
reference_url http://www.securityfocus.com/bid/70777
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/70777
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
16
reference_url https://access.redhat.com/security/cve/CVE-2014-3708
reference_id CVE-2014-3708
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3708
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3708
reference_id CVE-2014-3708
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3708
18
reference_url https://github.com/advisories/GHSA-43hc-pwvx-pmfg
reference_id GHSA-43hc-pwvx-pmfg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43hc-pwvx-pmfg
fixed_packages
0
url pkg:pypi/nova@2014.2.1
purl pkg:pypi/nova@2014.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/nova@2014.2.1
aliases CVE-2014-3708, GHSA-43hc-pwvx-pmfg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bauj-n7jg-gkd2
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/nova@2014.2.0