Search for packages
| purl | pkg:pypi/cinder@8.0.0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-zy9m-d25c-5uga
Aliases: CVE-2015-5162 GHSA-g2j5-7vgx-6xrx |
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:31:02.457224+00:00 | GHSA Importer | Affected by | VCID-zy9m-d25c-5uga | https://github.com/advisories/GHSA-g2j5-7vgx-6xrx | 38.1.0 |
| 2026-04-01T12:50:35.514743+00:00 | GitLab Importer | Affected by | VCID-zy9m-d25c-5uga | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cinder/CVE-2015-5162.yml | 38.0.0 |