VulnerableCode Package Details - pkg:deb/debian/nova@2013.2.2?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-rvp9-etcr-wycj	OpenStack Nova DoS through ephemeral disk backing files The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.	CVE-2013-6437 GHSA-hrv9-4x4c-9jc8
VCID-v47b-k4qx-h7a2	OpenStack Nova live snapshots use an insecure local directory OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.	CVE-2013-7048 GHSA-grp5-h379-j75x
VCID-vena-h39k-v3fe	The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.	CVE-2013-7130 GHSA-99rx-9x8v-9j8p PYSEC-2014-111

Vulnerability

Summary

Aliases

VCID-rvp9-etcr-wycj

OpenStack Nova DoS through ephemeral disk backing files The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.

CVE-2013-6437
GHSA-hrv9-4x4c-9jc8

VCID-v47b-k4qx-h7a2

OpenStack Nova live snapshots use an insecure local directory OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.

CVE-2013-7048
GHSA-grp5-h379-j75x

VCID-vena-h39k-v3fe

The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.

CVE-2013-7130
GHSA-99rx-9x8v-9j8p
PYSEC-2014-111

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:47:38.981652+00:00	Debian Importer	Fixing	VCID-vena-h39k-v3fe	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:47:02.083380+00:00	Debian Importer	Fixing	VCID-rvp9-etcr-wycj	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:44:32.666097+00:00	Debian Importer	Fixing	VCID-v47b-k4qx-h7a2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T18:14:45.958368+00:00	Debian Importer	Fixing	VCID-vena-h39k-v3fe	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:54:00.071602+00:00	Debian Importer	Fixing	VCID-rvp9-etcr-wycj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:52:23.501846+00:00	Debian Importer	Fixing	VCID-v47b-k4qx-h7a2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:47:28.659803+00:00	Debian Importer	Fixing	VCID-vena-h39k-v3fe	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:28.601730+00:00	Debian Importer	Fixing	VCID-v47b-k4qx-h7a2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:28.500382+00:00	Debian Importer	Fixing	VCID-rvp9-etcr-wycj	https://security-tracker.debian.org/tracker/data/json	38.1.0