Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/openstack-nova@1:20.6.2-2.20230308185148.fc01371?arch=el8ost

Type rpm

Namespace redhat

Name openstack-nova

Version 1:20.6.2-2.20230308185148.fc01371

Qualifiers

arch	el8ost

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-m5vc-4my3-87gk

vulnerability_id

VCID-m5vc-4my3-87gk

summary

OpenStack Nova Changing vnic_type breaks compute service restart
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37394.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37394.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37394

reference_id

reference_type

scores

value	0.00058
scoring_system	epss
scoring_elements	0.18199
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18186
published_at	2026-04-16T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18241
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18292
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18339
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18338
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18285
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18202
published_at	2026-04-07T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18492
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18438
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37394

reference_url

https://bugs.launchpad.net/ossa/+bug/1981813

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/ossa/+bug/1981813

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37394
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37394

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openstack/nova

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova

reference_url

https://github.com/openstack/nova/commit/0c87681135cfb3ce61d2a0392928c1dbc1fe5fde

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/0c87681135cfb3ce61d2a0392928c1dbc1fe5fde

reference_url

https://github.com/openstack/nova/commit/1a98a1a650d065a8ab3e1c474f3b9fd537dc2206

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/1a98a1a650d065a8ab3e1c474f3b9fd537dc2206

reference_url

https://github.com/openstack/nova/commit/4954f993680c75fd9d3d507f2dcd00300c9b3d44

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/4954f993680c75fd9d3d507f2dcd00300c9b3d44

reference_url

https://github.com/openstack/nova/commit/a28c82719545d5c8ee7f3ff1361b3a796e05095a

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/a28c82719545d5c8ee7f3ff1361b3a796e05095a

reference_url

https://github.com/openstack/nova/commit/e43bf900dc8ca66578603bed333c56b215b1876e

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/e43bf900dc8ca66578603bed333c56b215b1876e

reference_url

https://github.com/openstack/nova/commit/f8c91eb75fc5504a37fc3b4be1d65d33dbc9b511

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/nova/commit/f8c91eb75fc5504a37fc3b4be1d65d33dbc9b511

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-37394

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-37394

reference_url

https://review.opendev.org/c/openstack/nova/+/849985

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://review.opendev.org/c/openstack/nova/+/849985

reference_url

https://review.opendev.org/c/openstack/nova/+/850003

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://review.opendev.org/c/openstack/nova/+/850003

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016980
reference_id	1016980
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016980

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2117333
reference_id	2117333
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2117333

reference_url

https://github.com/advisories/GHSA-v725-c588-h936

reference_id

GHSA-v725-c588-h936

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v725-c588-h936

reference_url	https://access.redhat.com/errata/RHSA-2023:1948
reference_id	RHSA-2023:1948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1948

reference_url	https://usn.ubuntu.com/5866-1/
reference_id	USN-5866-1
reference_type
scores
url	https://usn.ubuntu.com/5866-1/

fixed_packages

aliases

CVE-2022-37394, GHSA-v725-c588-h936

risk_score

1.9

exploitability

0.5

weighted_severity

3.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-m5vc-4my3-87gk

Fixing_vulnerabilities

Risk_score 1.9

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-nova@1:20.6.2-2.20230308185148.fc01371%3Farch=el8ost

Package Instance