VulnerableCode Package Details - pkg:pypi/nova@2013.1.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/nova@2013.1.0

Essentials
History (2)

purl	pkg:pypi/nova@2013.1.0
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-q246-vzd6-3qfb Aliases: CVE-2014-0167 GHSA-p258-xmh3-72pv	OpenStack Compute (Nova) allows remote authenticated users to gain privileges via API requests The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests.	2013.2.4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-04T14:31:41.930709+00:00	GHSA Importer	Affected by	VCID-q246-vzd6-3qfb	https://github.com/advisories/GHSA-p258-xmh3-72pv	38.1.0
2026-04-03T21:26:03.047319+00:00	GitLab Importer	Affected by	VCID-q246-vzd6-3qfb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/nova/CVE-2014-0167.yml	38.1.0