Search for packages
| purl | pkg:deb/debian/cinder@2013.1.2-4?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4cvx-j5g1-23hx | The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors. |
CVE-2013-4183
GHSA-q3rw-wcj6-8cjf PYSEC-2013-35 |
| VCID-kgrz-64rh-cbdd | OpenStack Cinder Denial of Service using XML entities The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. |
CVE-2013-4202
GHSA-mfg4-9xf4-f45q |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:34:19.538237+00:00 | Debian Importer | Fixing | VCID-kgrz-64rh-cbdd | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:25:49.554265+00:00 | Debian Importer | Fixing | VCID-4cvx-j5g1-23hx | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T07:53:20.122055+00:00 | Debian Importer | Fixing | VCID-kgrz-64rh-cbdd | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:17:38.262769+00:00 | Debian Importer | Fixing | VCID-4cvx-j5g1-23hx | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-02T17:18:16.376447+00:00 | Debian Importer | Fixing | VCID-kgrz-64rh-cbdd | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-02T17:04:54.523919+00:00 | Debian Importer | Fixing | VCID-4cvx-j5g1-23hx | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |