Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nova@2013.2.2?distro=trixie

Type deb

Namespace debian

Name nova

Version 2013.2.2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2013.2.2-4

Latest_non_vulnerable_version 2:33.0.0-4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-rvp9-etcr-wycj

vulnerability_id VCID-rvp9-etcr-wycj

summary

OpenStack Nova DoS through ephemeral disk backing files
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.

references

reference_url

http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0231.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0231.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6437.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6437.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6437

reference_id

reference_type

scores

value	0.00434
scoring_system	epss
scoring_elements	0.62857
published_at	2026-04-18T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62849
published_at	2026-04-16T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62809
published_at	2026-04-13T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62825
published_at	2026-04-09T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62837
published_at	2026-04-21T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62843
published_at	2026-04-11T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62706
published_at	2026-04-01T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62762
published_at	2026-04-02T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62832
published_at	2026-04-12T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62793
published_at	2026-04-04T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62757
published_at	2026-04-07T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62808
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6437

reference_url

https://bugs.launchpad.net/nova/+bug/1253980

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/nova/+bug/1253980

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6437

reference_url

https://github.com/openstack/nova

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova

reference_url

https://github.com/openstack/nova/commit/3e451f1bac57d24e47171cffb3ad59bb1610d836

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/3e451f1bac57d24e47171cffb3ad59bb1610d836

reference_url

https://github.com/openstack/nova/commit/6e455cd97f04bf26bbe022be17c57e089cf502f4

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/6e455cd97f04bf26bbe022be17c57e089cf502f4

reference_url

https://github.com/openstack/nova/commit/ca38774ebcf5b67d16c202c8f218c0c433973ca9

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/ca38774ebcf5b67d16c202c8f218c0c433973ca9

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1043106
reference_id	1043106
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1043106

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-6437

reference_id

CVE-2013-6437

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-6437

reference_url

https://github.com/advisories/GHSA-hrv9-4x4c-9jc8

reference_id

GHSA-hrv9-4x4c-9jc8

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hrv9-4x4c-9jc8

reference_url	https://access.redhat.com/errata/RHSA-2014:0231
reference_id	RHSA-2014:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0231

fixed_packages

url	pkg:deb/debian/nova@2013.2.2?distro=trixie
purl	pkg:deb/debian/nova@2013.2.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie

url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hd9e-1msb-uqa6

vulnerability	VCID-m5vc-4my3-87gk

vulnerability	VCID-zwuz-pgjz-rkb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl	pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie

url	pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl	pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie

aliases CVE-2013-6437, GHSA-hrv9-4x4c-9jc8

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rvp9-etcr-wycj

url VCID-v47b-k4qx-h7a2

vulnerability_id VCID-v47b-k4qx-h7a2

summary

OpenStack Nova live snapshots use an insecure local directory
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.

references

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0231.html

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0231.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7048.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7048.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-7048

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.1722
published_at	2026-04-21T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17179
published_at	2026-04-16T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1724
published_at	2026-04-13T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17299
published_at	2026-04-12T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17186
published_at	2026-04-18T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17278
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17349
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17193
published_at	2026-04-01T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1736
published_at	2026-04-02T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17336
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17406
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-7048

reference_url

https://bugs.launchpad.net/nova/+bug/1227027

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/nova/+bug/1227027

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7048

reference_url

https://github.com/openstack/nova

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova

reference_url

https://github.com/openstack/nova/commit/75be5abd6b3fa0f7f27fe9c805f832cd41d44a5d

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/75be5abd6b3fa0f7f27fe9c805f832cd41d44a5d

reference_url

https://github.com/openstack/nova/commit/8a34fc3d48c467aa196f65eed444ccdc7c02f19f

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/8a34fc3d48c467aa196f65eed444ccdc7c02f19f

reference_url

https://github.com/openstack/nova/commit/9bd7fff8c0160057643cfc37c5e2b1cd3337d6aa

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/9bd7fff8c0160057643cfc37c5e2b1cd3337d6aa

reference_url

http://www.openwall.com/lists/oss-security/2014/01/13/2

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2014/01/13/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1040786
reference_id	1040786
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1040786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732022
reference_id	732022
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732022

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-7048

reference_id

CVE-2013-7048

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-7048

reference_url

https://github.com/advisories/GHSA-grp5-h379-j75x

reference_id

GHSA-grp5-h379-j75x

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-grp5-h379-j75x

reference_url	https://access.redhat.com/errata/RHSA-2014:0231
reference_id	RHSA-2014:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0231

reference_url	https://access.redhat.com/errata/RHSA-2014:0366
reference_id	RHSA-2014:0366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0366

fixed_packages

url	pkg:deb/debian/nova@2013.2.2?distro=trixie
purl	pkg:deb/debian/nova@2013.2.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie

url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hd9e-1msb-uqa6

vulnerability	VCID-m5vc-4my3-87gk

vulnerability	VCID-zwuz-pgjz-rkb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl	pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie

url	pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl	pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie

aliases CVE-2013-7048, GHSA-grp5-h379-j75x

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v47b-k4qx-h7a2

url VCID-vena-h39k-v3fe

vulnerability_id VCID-vena-h39k-v3fe

summary The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.

references

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html

reference_url

http://osvdb.org/102416

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://osvdb.org/102416

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0231.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0231.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7130.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7130.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-7130

reference_id

reference_type

scores

value	0.02539
scoring_system	epss
scoring_elements	0.85385
published_at	2026-04-01T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85487
published_at	2026-04-18T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85482
published_at	2026-04-16T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85458
published_at	2026-04-13T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85462
published_at	2026-04-12T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85464
published_at	2026-04-11T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.8545
published_at	2026-04-09T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85441
published_at	2026-04-08T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.8542
published_at	2026-04-07T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85417
published_at	2026-04-04T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85397
published_at	2026-04-02T12:55:00Z

value	0.02539
scoring_system	epss
scoring_elements	0.85483
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-7130

reference_url

https://bugs.launchpad.net/nova/+bug/1251590

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/nova/+bug/1251590

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7130
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7130

reference_url	http://secunia.com/advisories/56450
reference_id
reference_type
scores
url	http://secunia.com/advisories/56450

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/90652

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/90652

reference_url

https://github.com/openstack/nova

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova

reference_url

https://github.com/openstack/nova/commit/15ee7e17f63f5583307a546ecf28952c364c88f9

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/15ee7e17f63f5583307a546ecf28952c364c88f9

reference_url

https://github.com/openstack/nova/commit/b0d36683fe064b32cbef013e1c0c46bd018ab9a1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/b0d36683fe064b32cbef013e1c0c46bd018ab9a1

reference_url

https://github.com/openstack/nova/commit/cbeb5e51886b0296349fc476305bfe3d63c627c3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/cbeb5e51886b0296349fc476305bfe3d63c627c3

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-111.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2014-111.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-7130

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-7130

reference_url

https://review.openstack.org/#/c/68658

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://review.openstack.org/#/c/68658

reference_url	https://review.openstack.org/#/c/68658/
reference_id
reference_type
scores
url	https://review.openstack.org/#/c/68658/

reference_url

https://review.openstack.org/#/c/68659

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://review.openstack.org/#/c/68659

reference_url	https://review.openstack.org/#/c/68659/
reference_id
reference_type
scores
url	https://review.openstack.org/#/c/68659/

reference_url

https://review.openstack.org/#/c/68660

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://review.openstack.org/#/c/68660

reference_url	https://review.openstack.org/#/c/68660/
reference_id
reference_type
scores
url	https://review.openstack.org/#/c/68660/

reference_url

http://www.openwall.com/lists/oss-security/2014/01/23/5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2014/01/23/5

reference_url	http://www.securityfocus.com/bid/65106
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/65106

reference_url

http://www.ubuntu.com/usn/USN-2247-1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-2247-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1055400
reference_id	1055400
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1055400

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736465
reference_id	736465
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736465

reference_url

https://github.com/advisories/GHSA-99rx-9x8v-9j8p

reference_id

GHSA-99rx-9x8v-9j8p

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-99rx-9x8v-9j8p

reference_url	https://access.redhat.com/errata/RHSA-2014:0231
reference_id	RHSA-2014:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0231

reference_url	https://access.redhat.com/errata/RHSA-2014:0366
reference_id	RHSA-2014:0366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0366

reference_url	https://usn.ubuntu.com/2247-1/
reference_id	USN-2247-1
reference_type
scores
url	https://usn.ubuntu.com/2247-1/

fixed_packages

url	pkg:deb/debian/nova@2013.2.2?distro=trixie
purl	pkg:deb/debian/nova@2013.2.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie

url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hd9e-1msb-uqa6

vulnerability	VCID-m5vc-4my3-87gk

vulnerability	VCID-zwuz-pgjz-rkb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl	pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie

url	pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl	pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie

url	pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl	pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie

aliases CVE-2013-7130, GHSA-99rx-9x8v-9j8p, PYSEC-2014-111

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vena-h39k-v3fe

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2013.2.2%3Fdistro=trixie

Package Instance