Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nova@2:20.1.1-1?distro=trixie
Typedeb
Namespacedebian
Namenova
Version2:20.1.1-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2:21.1.0-1
Latest_non_vulnerable_version2:33.0.0-4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-qfdm-g857-3yb5
vulnerability_id VCID-qfdm-g857-3yb5
summary 
OpenStack Nova can leak consoleauth token into log files
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to `NovaProxyRequestHandlerBase.new_websocket_client` in `console/websocketproxy.py`.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9543.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9543.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-9543
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24153
published_at 2026-04-21T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24147
published_at 2026-04-07T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24177
published_at 2026-04-18T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.2419
published_at 2026-04-16T12:55:00Z
4
value 0.00083
scoring_system epss
scoring_elements 0.24173
published_at 2026-04-13T12:55:00Z
5
value 0.00083
scoring_system epss
scoring_elements 0.2423
published_at 2026-04-12T12:55:00Z
6
value 0.00083
scoring_system epss
scoring_elements 0.24273
published_at 2026-04-11T12:55:00Z
7
value 0.00083
scoring_system epss
scoring_elements 0.24256
published_at 2026-04-09T12:55:00Z
8
value 0.00083
scoring_system epss
scoring_elements 0.24201
published_at 2026-04-01T12:55:00Z
9
value 0.00083
scoring_system epss
scoring_elements 0.2433
published_at 2026-04-02T12:55:00Z
10
value 0.00083
scoring_system epss
scoring_elements 0.24364
published_at 2026-04-04T12:55:00Z
11
value 0.00083
scoring_system epss
scoring_elements 0.24213
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-9543
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9543
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9543
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/nova/commit/08f1f914cc219cf526adfb08c46b8f40b4e78232
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/08f1f914cc219cf526adfb08c46b8f40b4e78232
5
reference_url https://github.com/openstack/nova/commit/26d4047e17eba9bc271f8868f1d0ffeec97b555e
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/26d4047e17eba9bc271f8868f1d0ffeec97b555e
6
reference_url https://github.com/openstack/nova/commit/d8fbf04f325f593836f8d44b6bbf42b85bde94e3
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/d8fbf04f325f593836f8d44b6bbf42b85bde94e3
7
reference_url https://launchpad.net/bugs/1492140
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1492140
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-9543
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-9543
9
reference_url https://review.opendev.org/220622
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/220622
10
reference_url https://security.openstack.org/ossa/OSSA-2020-001.html
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-001.html
11
reference_url http://www.openwall.com/lists/oss-security/2020/02/19/2
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/19/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1805386
reference_id 1805386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1805386
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951635
reference_id 951635
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951635
14
reference_url https://github.com/advisories/GHSA-22jm-4hxw-35jf
reference_id GHSA-22jm-4hxw-35jf
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-22jm-4hxw-35jf
15
reference_url https://usn.ubuntu.com/5866-1/
reference_id USN-5866-1
reference_type
scores
url https://usn.ubuntu.com/5866-1/
fixed_packages
0
url pkg:deb/debian/nova@2:20.1.1-1?distro=trixie
purl pkg:deb/debian/nova@2:20.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:20.1.1-1%3Fdistro=trixie
1
url pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/nova@2:22.0.1-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hd9e-1msb-uqa6
1
vulnerability VCID-m5vc-4my3-87gk
2
vulnerability VCID-zwuz-pgjz-rkb9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:22.0.1-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
purl pkg:deb/debian/nova@2:26.2.2-1~deb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:26.2.2-1~deb12u3%3Fdistro=trixie
3
url pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/nova@2:31.0.0-6%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:31.0.0-6%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0~rc1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0~rc1-5%3Fdistro=trixie
5
url pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-1%3Fdistro=trixie
6
url pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-2%3Fdistro=trixie
7
url pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-3%3Fdistro=trixie
8
url pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
purl pkg:deb/debian/nova@2:33.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:33.0.0-4%3Fdistro=trixie
aliases CVE-2015-9543, GHSA-22jm-4hxw-35jf
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfdm-g857-3yb5
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nova@2:20.1.1-1%3Fdistro=trixie