Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nova@0?distro=trixie
Typedeb
Namespacedebian
Namenova
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2012-1~rc3-1
Latest_non_vulnerable_version2:33.0.0-4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5tkb-w761-4qc6
vulnerability_id VCID-5tkb-w761-4qc6
summary keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html
1
reference_url http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2030
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10466
published_at 2026-04-13T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10489
published_at 2026-04-12T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10522
published_at 2026-04-11T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10491
published_at 2026-04-09T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10428
published_at 2026-04-08T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10354
published_at 2026-04-07T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10494
published_at 2026-04-04T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10426
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10307
published_at 2026-04-18T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10334
published_at 2026-04-16T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10437
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2030
3
reference_url https://bugs.launchpad.net/nova/+bug/1174608
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1174608
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=958285
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=958285
5
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
6
reference_url https://github.com/openstack/nova/commit/58d6879b1caaa750c39c8e452a0634c24ffef2ce
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/58d6879b1caaa750c39c8e452a0634c24ffef2ce
7
reference_url https://github.com/openstack/nova/commit/74aa04e2ca7942cb1e1a86dcbaffeb72d260ccd7
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/74aa04e2ca7942cb1e1a86dcbaffeb72d260ccd7
8
reference_url https://github.com/openstack/nova/commit/7bf3e8d3e254d817ff5ae7ef1f2884b10410ca60
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/7bf3e8d3e254d817ff5ae7ef1f2884b10410ca60
9
reference_url https://github.com/openstack/python-keystoneclient/commit/1736e2ffb12f70eeebed019448bc14def48aa036
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/python-keystoneclient/commit/1736e2ffb12f70eeebed019448bc14def48aa036
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-45.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-45.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2030
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2030
12
reference_url http://www.openwall.com/lists/oss-security/2013/05/09/2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/05/09/2
13
reference_url https://github.com/advisories/GHSA-pxxv-rv32-2qgv
reference_id GHSA-pxxv-rv32-2qgv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pxxv-rv32-2qgv
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hd9e-1msb-uqa6
1
vulnerability VCID-m5vc-4my3-87gk
2
vulnerability VCID-zwuz-pgjz-rkb9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie
6
url pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie
7
url pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie
8
url pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie
aliases CVE-2013-2030, GHSA-pxxv-rv32-2qgv, PYSEC-2013-45
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tkb-w761-4qc6
1
url VCID-9vq2-2nsa-bbfa
vulnerability_id VCID-9vq2-2nsa-bbfa
summary openstack-nova: Nova VMware driver may connect VNC to another tenant's console
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html
reference_id
reference_type
scores
url http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1689.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1689.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1781.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1781.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-1782.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1782.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8750.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8750.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8750
reference_id
reference_type
scores
0
value 0.00929
scoring_system epss
scoring_elements 0.76109
published_at 2026-04-21T12:55:00Z
1
value 0.00929
scoring_system epss
scoring_elements 0.76126
published_at 2026-04-18T12:55:00Z
2
value 0.00929
scoring_system epss
scoring_elements 0.7602
published_at 2026-04-01T12:55:00Z
3
value 0.00929
scoring_system epss
scoring_elements 0.76023
published_at 2026-04-02T12:55:00Z
4
value 0.00929
scoring_system epss
scoring_elements 0.76056
published_at 2026-04-04T12:55:00Z
5
value 0.00929
scoring_system epss
scoring_elements 0.76035
published_at 2026-04-07T12:55:00Z
6
value 0.00929
scoring_system epss
scoring_elements 0.76068
published_at 2026-04-08T12:55:00Z
7
value 0.00929
scoring_system epss
scoring_elements 0.76083
published_at 2026-04-09T12:55:00Z
8
value 0.00929
scoring_system epss
scoring_elements 0.76108
published_at 2026-04-11T12:55:00Z
9
value 0.00929
scoring_system epss
scoring_elements 0.76084
published_at 2026-04-12T12:55:00Z
10
value 0.00929
scoring_system epss
scoring_elements 0.76081
published_at 2026-04-13T12:55:00Z
11
value 0.00929
scoring_system epss
scoring_elements 0.76121
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8750
6
reference_url https://bugs.launchpad.net/nova/+bug/1357372
reference_id
reference_type
scores
url https://bugs.launchpad.net/nova/+bug/1357372
7
reference_url http://secunia.com/advisories/60227
reference_id
reference_type
scores
url http://secunia.com/advisories/60227
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url http://www.openwall.com/lists/oss-security/2014/10/14/9
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/10/14/9
10
reference_url http://www.securityfocus.com/bid/70182
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/70182
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1152346
reference_id 1152346
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1152346
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:2014.2:milestone1:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:nova:2014.2:milestone1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:2014.2:milestone1:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:2014.2:milestone2:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:nova:2014.2:milestone2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:2014.2:milestone2:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:2014.2:milestone3:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:nova:2014.2:milestone3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:nova:2014.2:milestone3:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8750
reference_id CVE-2014-8750
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-8750
17
reference_url https://access.redhat.com/errata/RHSA-2014:1689
reference_id RHSA-2014:1689
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1689
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hd9e-1msb-uqa6
1
vulnerability VCID-m5vc-4my3-87gk
2
vulnerability VCID-zwuz-pgjz-rkb9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie
6
url pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie
7
url pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie
8
url pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie
aliases CVE-2014-8750
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vq2-2nsa-bbfa
2
url VCID-e6ne-73mv-73bc
vulnerability_id VCID-e6ne-73mv-73bc
summary 
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40767.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40767.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-40767
reference_id
reference_type
scores
0
value 0.00835
scoring_system epss
scoring_elements 0.74662
published_at 2026-04-21T12:55:00Z
1
value 0.00835
scoring_system epss
scoring_elements 0.74671
published_at 2026-04-18T12:55:00Z
2
value 0.00835
scoring_system epss
scoring_elements 0.74663
published_at 2026-04-16T12:55:00Z
3
value 0.00835
scoring_system epss
scoring_elements 0.74627
published_at 2026-04-13T12:55:00Z
4
value 0.00835
scoring_system epss
scoring_elements 0.74635
published_at 2026-04-12T12:55:00Z
5
value 0.00835
scoring_system epss
scoring_elements 0.74655
published_at 2026-04-11T12:55:00Z
6
value 0.00835
scoring_system epss
scoring_elements 0.74632
published_at 2026-04-09T12:55:00Z
7
value 0.00835
scoring_system epss
scoring_elements 0.74618
published_at 2026-04-08T12:55:00Z
8
value 0.00835
scoring_system epss
scoring_elements 0.74586
published_at 2026-04-07T12:55:00Z
9
value 0.00835
scoring_system epss
scoring_elements 0.74612
published_at 2026-04-04T12:55:00Z
10
value 0.00835
scoring_system epss
scoring_elements 0.74585
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-40767
2
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
3
reference_url https://launchpad.net/bugs/2071734
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://launchpad.net/bugs/2071734
4
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-40767
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-40767
6
reference_url https://review.opendev.org/c/openstack/nova/+/924731
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/nova/+/924731
7
reference_url https://security.openstack.org
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://security.openstack.org
8
reference_url https://security.openstack.org/ossa/OSSA-2024-002.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://security.openstack.org/ossa/OSSA-2024-002.html
9
reference_url https://www.openwall.com/lists/oss-security/2024/07/23/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:47:09Z/
url https://www.openwall.com/lists/oss-security/2024/07/23/2
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2297217
reference_id 2297217
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2297217
11
reference_url https://github.com/advisories/GHSA-rm86-h44c-2r2m
reference_id GHSA-rm86-h44c-2r2m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rm86-h44c-2r2m
12
reference_url https://access.redhat.com/errata/RHSA-2024:5082
reference_id RHSA-2024:5082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5082
13
reference_url https://access.redhat.com/errata/RHSA-2024:5083
reference_id RHSA-2024:5083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5083
14
reference_url https://access.redhat.com/errata/RHSA-2024:5097
reference_id RHSA-2024:5097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5097
15
reference_url https://access.redhat.com/errata/RHSA-2024:5113
reference_id RHSA-2024:5113
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5113
16
reference_url https://usn.ubuntu.com/6911-1/
reference_id USN-6911-1
reference_type
scores
url https://usn.ubuntu.com/6911-1/
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hd9e-1msb-uqa6
1
vulnerability VCID-m5vc-4my3-87gk
2
vulnerability VCID-zwuz-pgjz-rkb9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie
6
url pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie
7
url pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie
8
url pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie
aliases CVE-2024-40767, GHSA-rm86-h44c-2r2m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6ne-73mv-73bc
3
url VCID-nryd-hrub-cydj
vulnerability_id VCID-nryd-hrub-cydj
summary OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).
references
0
reference_url http://osvdb.org/88419
reference_id
reference_type
scores
url http://osvdb.org/88419
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0208.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0208.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5625.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5625.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5625
reference_id
reference_type
scores
0
value 0.01057
scoring_system epss
scoring_elements 0.77641
published_at 2026-04-21T12:55:00Z
1
value 0.01057
scoring_system epss
scoring_elements 0.77551
published_at 2026-04-01T12:55:00Z
2
value 0.01057
scoring_system epss
scoring_elements 0.77558
published_at 2026-04-02T12:55:00Z
3
value 0.01057
scoring_system epss
scoring_elements 0.77584
published_at 2026-04-04T12:55:00Z
4
value 0.01057
scoring_system epss
scoring_elements 0.77564
published_at 2026-04-07T12:55:00Z
5
value 0.01057
scoring_system epss
scoring_elements 0.77594
published_at 2026-04-08T12:55:00Z
6
value 0.01057
scoring_system epss
scoring_elements 0.77601
published_at 2026-04-09T12:55:00Z
7
value 0.01057
scoring_system epss
scoring_elements 0.77628
published_at 2026-04-11T12:55:00Z
8
value 0.01057
scoring_system epss
scoring_elements 0.77612
published_at 2026-04-12T12:55:00Z
9
value 0.01057
scoring_system epss
scoring_elements 0.77611
published_at 2026-04-13T12:55:00Z
10
value 0.01057
scoring_system epss
scoring_elements 0.77648
published_at 2026-04-16T12:55:00Z
11
value 0.01057
scoring_system epss
scoring_elements 0.77646
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5625
4
reference_url https://bugs.launchpad.net/nova/+bug/1070539
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/nova/+bug/1070539
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=884293
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=884293
6
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
7
reference_url https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f
8
reference_url https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-41.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-41.yaml
10
reference_url https://launchpad.net/nova/folsom/2012.2.2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/nova/folsom/2012.2.2
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5625
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5625
12
reference_url http://www.openwall.com/lists/oss-security/2012/12/11/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/12/11/5
13
reference_url http://www.securityfocus.com/bid/56904
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/56904
14
reference_url http://www.ubuntu.com/usn/USN-1663-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1663-1
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
17
reference_url https://github.com/advisories/GHSA-rwhr-h69g-8qmq
reference_id GHSA-rwhr-h69g-8qmq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rwhr-h69g-8qmq
18
reference_url https://usn.ubuntu.com/1663-1/
reference_id USN-1663-1
reference_type
scores
url https://usn.ubuntu.com/1663-1/
fixed_packages
0
url pkg:deb/debian/nova@0?distro=trixie
purl pkg:deb/debian/nova@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hd9e-1msb-uqa6
1
vulnerability VCID-m5vc-4my3-87gk
2
vulnerability VCID-zwuz-pgjz-rkb9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie
6
url pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie
7
url pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie
8
url pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie
aliases CVE-2012-5625, GHSA-rwhr-h69g-8qmq, PYSEC-2012-41
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nryd-hrub-cydj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@0%3Fdistro=trixie