VulnerableCode Package Details - pkg:pypi/cinder@7.0.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/cinder@7.0.2

Essentials
History (1)

purl	pkg:pypi/cinder@7.0.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-6bmt-zgqg-5bdv	OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw.	CVE-2015-5162 GHSA-g2j5-7vgx-6xrx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:43:25.710629+00:00	GitLab Importer	Fixing	VCID-6bmt-zgqg-5bdv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cinder/CVE-2015-5162.yml	38.6.0