Search for packages
| purl | pkg:deb/debian/nova@2013.1.3-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-7wvt-bvww-g7ck | OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256. |
CVE-2013-4278
GHSA-43cm-73px-5v4m |
| VCID-sj2k-uq1g-suby | Improper Restriction of Operations within the Bounds of a Memory Buffer CVE-2013-4179 OpenStack: Nova XML entities DoS |
CVE-2013-4179
GHSA-j6xh-q826-55jw |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T09:47:43.102590+00:00 | Debian Importer | Fixing | VCID-sj2k-uq1g-suby | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:56:41.473287+00:00 | Debian Importer | Fixing | VCID-7wvt-bvww-g7ck | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-12T18:14:45.451214+00:00 | Debian Importer | Fixing | VCID-sj2k-uq1g-suby | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:00:10.642608+00:00 | Debian Importer | Fixing | VCID-7wvt-bvww-g7ck | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:47:28.237054+00:00 | Debian Importer | Fixing | VCID-7wvt-bvww-g7ck | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:47:28.081378+00:00 | Debian Importer | Fixing | VCID-sj2k-uq1g-suby | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |