VulnerableCode Package Details - pkg:deb/debian/nova@2013.2-3?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-az4e-wgmd-gyc3	OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.	CVE-2013-4469 GHSA-2w87-5qcj-j6gx
VCID-kqbu-drg3-fycm	OpenStack Nova denial of service through compressed disk images OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.	CVE-2013-4463 GHSA-5644-2v3h-5w4x

Vulnerability

Summary

Aliases

VCID-az4e-wgmd-gyc3

OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.

CVE-2013-4469
GHSA-2w87-5qcj-j6gx

VCID-kqbu-drg3-fycm

OpenStack Nova denial of service through compressed disk images OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.

CVE-2013-4463
GHSA-5644-2v3h-5w4x

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:03:24.955984+00:00	Debian Importer	Fixing	VCID-az4e-wgmd-gyc3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:38:08.886483+00:00	Debian Importer	Fixing	VCID-kqbu-drg3-fycm	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T18:14:45.700060+00:00	Debian Importer	Fixing	VCID-az4e-wgmd-gyc3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:45.652678+00:00	Debian Importer	Fixing	VCID-kqbu-drg3-fycm	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:47:28.350729+00:00	Debian Importer	Fixing	VCID-az4e-wgmd-gyc3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:28.294398+00:00	Debian Importer	Fixing	VCID-kqbu-drg3-fycm	https://security-tracker.debian.org/tracker/data/json	38.1.0