VulnerableCode Package Details - pkg:deb/debian/cinder@2:8.0.0-1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/cinder@2:8.0.0-1?distro=trixie

purl	pkg:deb/debian/cinder@2:8.0.0-1?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-zy9m-d25c-5uga	OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw.	CVE-2015-5162 GHSA-g2j5-7vgx-6xrx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:09:14.606008+00:00	Debian Importer	Fixing	VCID-zy9m-d25c-5uga	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:18:39.062914+00:00	Debian Importer	Fixing	VCID-zy9m-d25c-5uga	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:13:51.989634+00:00	Debian Importer	Fixing	VCID-zy9m-d25c-5uga	https://security-tracker.debian.org/tracker/data/json	38.1.0