{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","type":"deb","namespace":"debian","name":"cinder","version":"2:28.0.0-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202879?format=json","vulnerability_id":"VCID-3d9m-fdrr-hkey","summary":"The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1198.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1198.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4183","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36108","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4183"},{"reference_url":"https://bugs.launchpad.net/cinder/+bug/1198185","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/cinder/+bug/1198185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4183"},{"reference_url":"https://github.com/openstack/cinder","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder"},{"reference_url":"https://github.com/openstack/cinder/commit/0ee31073c5cb432a9cdd2648e99aa802b0ed0a17","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/0ee31073c5cb432a9cdd2648e99aa802b0ed0a17"},{"reference_url":"https://github.com/openstack/cinder/commit/68c597e26b5659a036a7a937622e539bac102308","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/68c597e26b5659a036a7a937622e539bac102308"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2013-35.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2013-35.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4183","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4183"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2013-1198.html","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rhn.redhat.com/errata/RHSA-2013-1198.html"},{"reference_url":"https://www.ubuntu.com/usn/USN-2005-1","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.ubuntu.com/usn/USN-2005-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2005-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2005-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719010","reference_id":"719010","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=994355","reference_id":"994355","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=994355"},{"reference_url":"https://github.com/advisories/GHSA-q3rw-wcj6-8cjf","reference_id":"GHSA-q3rw-wcj6-8cjf","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q3rw-wcj6-8cjf"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1198","reference_id":"RHSA-2013:1198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1198"},{"reference_url":"https://usn.ubuntu.com/2005-1/","reference_id":"USN-2005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34492?format=json","purl":"pkg:deb/debian/cinder@2013.1.2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2013.1.2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4183","GHSA-q3rw-wcj6-8cjf","PYSEC-2013-35"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3d9m-fdrr-hkey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202695?format=json","vulnerability_id":"VCID-3su7-x16c-17bw","summary":"The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properly set the sudo configuration, which makes it easier for attackers to gain privileges by leveraging another vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1068","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44912","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1068"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753579","reference_id":"753579","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753579"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753585","reference_id":"753585","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753585"},{"reference_url":"https://usn.ubuntu.com/2247-1/","reference_id":"USN-2247-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2247-1/"},{"reference_url":"https://usn.ubuntu.com/2248-1/","reference_id":"USN-2248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34482?format=json","purl":"pkg:deb/debian/cinder@2014.1.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2014.1.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2013-1068"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3su7-x16c-17bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15046?format=json","vulnerability_id":"VCID-8wk2-9q4v-uyfp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2088.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2088","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31417","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2088"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2088"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035932","reference_id":"1035932","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035932"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035961","reference_id":"1035961","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035961"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035962","reference_id":"1035962","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035962"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035963","reference_id":"1035963","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035963"},{"reference_url":"https://bugs.launchpad.net/bugs/2004555","reference_id":"2004555","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T15:40:54Z/"}],"url":"https://bugs.launchpad.net/bugs/2004555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179587","reference_id":"2179587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179587"},{"reference_url":"https://security.openstack.org/ossa/OSSA-2023-003.html","reference_id":"OSSA-2023-003.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T15:40:54Z/"}],"url":"https://security.openstack.org/ossa/OSSA-2023-003.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3156","reference_id":"RHSA-2023:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3157","reference_id":"RHSA-2023:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3158","reference_id":"RHSA-2023:3158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3161","reference_id":"RHSA-2023:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3161"},{"reference_url":"https://usn.ubuntu.com/6073-1/","reference_id":"USN-6073-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6073-1/"},{"reference_url":"https://usn.ubuntu.com/6073-2/","reference_id":"USN-6073-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6073-2/"},{"reference_url":"https://usn.ubuntu.com/6073-3/","reference_id":"USN-6073-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6073-3/"},{"reference_url":"https://usn.ubuntu.com/6073-4/","reference_id":"USN-6073-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6073-4/"},{"reference_url":"https://usn.ubuntu.com/6241-1/","reference_id":"USN-6241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34522?format=json","purl":"pkg:deb/debian/cinder@2:17.4.0-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.4.0-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34520?format=json","purl":"pkg:deb/debian/cinder@2:21.1.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.1.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2088"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wk2-9q4v-uyfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52762?format=json","vulnerability_id":"VCID-b5nx-bq5u-mbbn","summary":"An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32498","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44037","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498"},{"reference_url":"https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e"},{"reference_url":"https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40"},{"reference_url":"https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9"},{"reference_url":"https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175"},{"reference_url":"https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973"},{"reference_url":"https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f"},{"reference_url":"https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df"},{"reference_url":"https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761","reference_id":"1074761","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762","reference_id":"1074762","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763","reference_id":"1074763","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/07/02/2","reference_id":"2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/07/02/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/02/2","reference_id":"2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/02/2"},{"reference_url":"https://launchpad.net/bugs/2059809","reference_id":"2059809","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/"}],"url":"https://launchpad.net/bugs/2059809"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278663","reference_id":"2278663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32498","reference_id":"CVE-2024-32498","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32498"},{"reference_url":"https://github.com/advisories/GHSA-r4v4-w9pv-6fph","reference_id":"GHSA-r4v4-w9pv-6fph","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r4v4-w9pv-6fph"},{"reference_url":"https://security.openstack.org/ossa/OSSA-2024-001.html","reference_id":"OSSA-2024-001.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/"}],"url":"https://security.openstack.org/ossa/OSSA-2024-001.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4272","reference_id":"RHSA-2024:4272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4273","reference_id":"RHSA-2024:4273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4274","reference_id":"RHSA-2024:4274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4425","reference_id":"RHSA-2024:4425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4425"},{"reference_url":"https://usn.ubuntu.com/6882-1/","reference_id":"USN-6882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6882-1/"},{"reference_url":"https://usn.ubuntu.com/6882-2/","reference_id":"USN-6882-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6882-2/"},{"reference_url":"https://usn.ubuntu.com/6883-1/","reference_id":"USN-6883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6883-1/"},{"reference_url":"https://usn.ubuntu.com/6884-1/","reference_id":"USN-6884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6884-1/"},{"reference_url":"https://usn.ubuntu.com/8199-1/","reference_id":"USN-8199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34522?format=json","purl":"pkg:deb/debian/cinder@2:17.4.0-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.4.0-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34527?format=json","purl":"pkg:deb/debian/cinder@2:24.0.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:24.0.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-32498","GHSA-r4v4-w9pv-6fph"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5nx-bq5u-mbbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3027?format=json","vulnerability_id":"VCID-ck3r-y491-37g1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15139.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15139","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47755","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15139"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1599899","reference_id":"1599899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1599899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3601","reference_id":"RHSA-2018:3601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0917","reference_id":"RHSA-2019:0917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0917"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34509?format=json","purl":"pkg:deb/debian/cinder@2:13.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:13.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15139"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ck3r-y491-37g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179183?format=json","vulnerability_id":"VCID-ejv6-3fkp-a7ba","summary":"Multiple vulnerabilities have been found in libxml2, allowing\n    remote attackers to execute arbitrary code or cause Denial of Service.","references":[{"reference_url":"http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html"},{"reference_url":"http://bugs.python.org/issue17239","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://bugs.python.org/issue17239"},{"reference_url":"http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0657.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0657.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0658.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0658.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0670.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0670.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1664.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1664.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1664","reference_id":"","reference_type":"","scores":[{"value":"0.03938","scoring_system":"epss","scoring_elements":"0.88603","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1664"},{"reference_url":"https://bugs.launchpad.net/nova/+bug/1100282","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/nova/+bug/1100282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1664"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40"},{"reference_url":"https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1664","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1664"},{"reference_url":"http://ubuntu.com/usn/usn-1757-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-1757-1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/19/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/19/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/19/4","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/19/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948","reference_id":"700948","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700948"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949","reference_id":"700949","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700950","reference_id":"700950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=913808","reference_id":"913808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=913808"},{"reference_url":"https://github.com/advisories/GHSA-qrh7-x6fp-c2mp","reference_id":"GHSA-qrh7-x6fp-c2mp","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qrh7-x6fp-c2mp"},{"reference_url":"https://security.gentoo.org/glsa/201311-06","reference_id":"GLSA-201311-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-06"},{"reference_url":"https://security.gentoo.org/glsa/201412-11","reference_id":"GLSA-201412-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0596","reference_id":"RHSA-2013:0596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0657","reference_id":"RHSA-2013:0657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0658","reference_id":"RHSA-2013:0658","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0658"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0670","reference_id":"RHSA-2013:0670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0670"},{"reference_url":"https://usn.ubuntu.com/1730-1/","reference_id":"USN-1730-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1730-1/"},{"reference_url":"https://usn.ubuntu.com/1731-1/","reference_id":"USN-1731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1731-1/"},{"reference_url":"https://usn.ubuntu.com/1734-1/","reference_id":"USN-1734-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1734-1/"},{"reference_url":"https://usn.ubuntu.com/1757-1/","reference_id":"USN-1757-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1757-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34488?format=json","purl":"pkg:deb/debian/cinder@2012.2.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2012.2.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2013-1664","GHSA-qrh7-x6fp-c2mp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ejv6-3fkp-a7ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181717?format=json","vulnerability_id":"VCID-g13c-27v2-uqhw","summary":"security update","references":[{"reference_url":"http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.openstack.org/pipermail/openstack-announce/2015-June/000367.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1206.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1206.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1851","reference_id":"","reference_type":"","scores":[{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66851","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1851"},{"reference_url":"https://bugs.launchpad.net/cinder/+bug/1415087","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/cinder/+bug/1415087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851"},{"reference_url":"https://github.com/openstack/cinder","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder"},{"reference_url":"https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/9634b76ba5886d6c2f2128d550cb005dabf48213"},{"reference_url":"https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/b1143ee45323e63b965a3710f9063e65b252c978"},{"reference_url":"https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/bc0549e08b010edb863d409d80114aa78d317a61"},{"reference_url":"https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/d31c937c566005dedf41a60c6b5bd5e7b26f221b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1851","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1851"},{"reference_url":"http://www.debian.org/security/2015/dsa-3292","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3292"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/06/13/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/06/13/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/06/17/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/06/17/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/06/17/7","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/06/17/7"},{"reference_url":"http://www.ubuntu.com/usn/USN-2703-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2703-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1231817","reference_id":"1231817","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1231817"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996","reference_id":"788996","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1206","reference_id":"RHSA-2015:1206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1206"},{"reference_url":"https://usn.ubuntu.com/2703-1/","reference_id":"USN-2703-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2703-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34504?format=json","purl":"pkg:deb/debian/cinder@2015.1.0%2B2015.06.16.git26.9634b76ba5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2015.1.0%252B2015.06.16.git26.9634b76ba5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2015-1851","GHSA-9hcj-h2qc-689p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g13c-27v2-uqhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12669?format=json","vulnerability_id":"VCID-ggvm-x76g-3ya9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47951","reference_id":"","reference_type":"","scores":[{"value":"0.00615","scoring_system":"epss","scoring_elements":"0.70382","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47951"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-47951","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-47951"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561","reference_id":"1029561","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562","reference_id":"1029562","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563","reference_id":"1029563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563"},{"reference_url":"https://launchpad.net/bugs/1996188","reference_id":"1996188","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://launchpad.net/bugs/1996188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161812","reference_id":"2161812","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161812"},{"reference_url":"https://www.debian.org/security/2023/dsa-5336","reference_id":"dsa-5336","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5336"},{"reference_url":"https://www.debian.org/security/2023/dsa-5337","reference_id":"dsa-5337","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5337"},{"reference_url":"https://www.debian.org/security/2023/dsa-5338","reference_id":"dsa-5338","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5338"},{"reference_url":"https://github.com/advisories/GHSA-7h75-hwxx-qpgc","reference_id":"GHSA-7h75-hwxx-qpgc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7h75-hwxx-qpgc"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html","reference_id":"msg00040.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html","reference_id":"msg00041.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html","reference_id":"msg00042.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html"},{"reference_url":"https://security.openstack.org/ossa/OSSA-2023-002.html","reference_id":"OSSA-2023-002.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/"}],"url":"https://security.openstack.org/ossa/OSSA-2023-002.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1015","reference_id":"RHSA-2023:1015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1016","reference_id":"RHSA-2023:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1017","reference_id":"RHSA-2023:1017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1278","reference_id":"RHSA-2023:1278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1279","reference_id":"RHSA-2023:1279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1279"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1280","reference_id":"RHSA-2023:1280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1280"},{"reference_url":"https://usn.ubuntu.com/5835-1/","reference_id":"USN-5835-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5835-1/"},{"reference_url":"https://usn.ubuntu.com/5835-2/","reference_id":"USN-5835-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5835-2/"},{"reference_url":"https://usn.ubuntu.com/5835-3/","reference_id":"USN-5835-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5835-3/"},{"reference_url":"https://usn.ubuntu.com/5835-4/","reference_id":"USN-5835-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5835-4/"},{"reference_url":"https://usn.ubuntu.com/5835-5/","reference_id":"USN-5835-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5835-5/"},{"reference_url":"https://usn.ubuntu.com/6882-2/","reference_id":"USN-6882-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6882-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34517?format=json","purl":"pkg:deb/debian/cinder@2:21.0.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.0.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-47951","GHSA-7h75-hwxx-qpgc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggvm-x76g-3ya9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203424?format=json","vulnerability_id":"VCID-j5f8-982p-pqd8","summary":"The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1787.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1787.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1788.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1788.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3641.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3641.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2014-3641","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2014-3641"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3641","reference_id":"","reference_type":"","scores":[{"value":"0.00329","scoring_system":"epss","scoring_elements":"0.56228","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3641"},{"reference_url":"https://bugs.launchpad.net/cinder/+bug/1350504","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/cinder/+bug/1350504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3641"},{"reference_url":"http://seclists.org/oss-sec/2014/q4/78","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2014/q4/78"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3641","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3641"},{"reference_url":"https://opendev.org/openstack/cinder","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://opendev.org/openstack/cinder"},{"reference_url":"https://web.archive.org/web/20200228053848/http://www.securityfocus.com/bid/70221","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228053848/http://www.securityfocus.com/bid/70221"},{"reference_url":"http://www.ubuntu.com/usn/USN-2405-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2405-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1141996","reference_id":"1141996","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1141996"},{"reference_url":"https://github.com/advisories/GHSA-qhch-g8qr-p497","reference_id":"GHSA-qhch-g8qr-p497","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qhch-g8qr-p497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1787","reference_id":"RHSA-2014:1787","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1788","reference_id":"RHSA-2014:1788","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1788"},{"reference_url":"https://usn.ubuntu.com/2405-1/","reference_id":"USN-2405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34497?format=json","purl":"pkg:deb/debian/cinder@2014.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2014.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3641","GHSA-qhch-g8qr-p497"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j5f8-982p-pqd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/430?format=json","vulnerability_id":"VCID-qjm2-qt8t-j3ab","summary":"","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2923.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2923.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2991.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2991.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0153.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0153.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0156.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0156.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0165.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0165.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0282.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0282.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5162.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5162.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2015-5162","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2015-5162"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5162","reference_id":"","reference_type":"","scores":[{"value":"0.0361","scoring_system":"epss","scoring_elements":"0.88055","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5162"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5"},{"reference_url":"https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f"},{"reference_url":"https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397"},{"reference_url":"https://launchpad.net/bugs/1449062","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://launchpad.net/bugs/1449062"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5162","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5162"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/06/8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/10/06/8"},{"reference_url":"http://www.securityfocus.com/bid/76849","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/76849"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1268303","reference_id":"1268303","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1268303"},{"reference_url":"https://github.com/advisories/GHSA-g2j5-7vgx-6xrx","reference_id":"GHSA-g2j5-7vgx-6xrx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g2j5-7vgx-6xrx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2923","reference_id":"RHSA-2016:2923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2991","reference_id":"RHSA-2016:2991","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2991"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0153","reference_id":"RHSA-2017:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0156","reference_id":"RHSA-2017:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0165","reference_id":"RHSA-2017:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0282","reference_id":"RHSA-2017:0282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0282"},{"reference_url":"https://usn.ubuntu.com/3449-1/","reference_id":"USN-3449-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3449-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34506?format=json","purl":"pkg:deb/debian/cinder@2:8.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:8.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5162","GHSA-g2j5-7vgx-6xrx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjm2-qt8t-j3ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203555?format=json","vulnerability_id":"VCID-sf6n-28tj-rfeh","summary":"The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7230.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7230","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30944","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7230"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1147722","reference_id":"1147722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1147722"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765704","reference_id":"765704","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765704"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765714","reference_id":"765714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1781","reference_id":"RHSA-2014:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1782","reference_id":"RHSA-2014:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1787","reference_id":"RHSA-2014:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1788","reference_id":"RHSA-2014:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1939","reference_id":"RHSA-2014:1939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1939"},{"reference_url":"https://usn.ubuntu.com/2405-1/","reference_id":"USN-2405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2405-1/"},{"reference_url":"https://usn.ubuntu.com/2407-1/","reference_id":"USN-2407-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2407-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34501?format=json","purl":"pkg:deb/debian/cinder@2014.1.3-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2014.1.3-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7230"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sf6n-28tj-rfeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202882?format=json","vulnerability_id":"VCID-t86s-j3h5-jyhv","summary":"The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack.  NOTE: this issue is due to an incomplete fix for CVE-2013-1664.","references":[{"reference_url":"http://github.com/openstack/cinder/commit/2023eecc4b1a35daf42a64fa01967ed12c7d017b","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://github.com/openstack/cinder/commit/2023eecc4b1a35daf42a64fa01967ed12c7d017b"},{"reference_url":"http://github.com/openstack/cinder/commit/4ad95dba4fccbbc0df923dea0dc9e5c3ac9f4cc2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://github.com/openstack/cinder/commit/4ad95dba4fccbbc0df923dea0dc9e5c3ac9f4cc2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1198.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-1198.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4202.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4202.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4202","reference_id":"","reference_type":"","scores":[{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.75173","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4202"},{"reference_url":"https://bugs.launchpad.net/ossa/+bug/1190229","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/ossa/+bug/1190229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4202"},{"reference_url":"https://github.com/openstack/cinder","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4202","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4202"},{"reference_url":"http://www.ubuntu.com/usn/USN-2005-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2005-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719118","reference_id":"719118","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=991630","reference_id":"991630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=991630"},{"reference_url":"https://github.com/advisories/GHSA-mfg4-9xf4-f45q","reference_id":"GHSA-mfg4-9xf4-f45q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mfg4-9xf4-f45q"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1198","reference_id":"RHSA-2013:1198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1198"},{"reference_url":"https://usn.ubuntu.com/2005-1/","reference_id":"USN-2005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34492?format=json","purl":"pkg:deb/debian/cinder@2013.1.2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2013.1.2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4202","GHSA-mfg4-9xf4-f45q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t86s-j3h5-jyhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7513?format=json","vulnerability_id":"VCID-zbnv-qctv-3bhu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10755.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10755.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10755","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39839","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10755"},{"reference_url":"https://bugs.launchpad.net/cinder/+bug/1823200","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/cinder/+bug/1823200"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10755","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10755"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10755","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10755"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openstack/cinder/commit/ba785eef5f515b869c0d68016e84bb74f76ab45e","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/cinder/commit/ba785eef5f515b869c0d68016e84bb74f76ab45e"},{"reference_url":"https://github.com/openstack/os-brick/commit/4047948f1ac8055a025972ad73ec3ec421450775","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/os-brick/commit/4047948f1ac8055a025972ad73ec3ec421450775"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2020-228.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2020-228.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10755","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10755"},{"reference_url":"https://usn.ubuntu.com/4420-1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4420-1"},{"reference_url":"https://usn.ubuntu.com/4420-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4420-1/"},{"reference_url":"https://wiki.openstack.org/wiki/OSSN/OSSN-0086","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wiki.openstack.org/wiki/OSSN/OSSN-0086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842748","reference_id":"1842748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842748"},{"reference_url":"https://github.com/advisories/GHSA-v3m2-pg96-w33m","reference_id":"GHSA-v3m2-pg96-w33m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3m2-pg96-w33m"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4283","reference_id":"RHSA-2020:4283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4391","reference_id":"RHSA-2020:4391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4391"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34512?format=json","purl":"pkg:deb/debian/cinder@2:16.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:16.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34483?format=json","purl":"pkg:deb/debian/cinder@2:17.0.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:17.0.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34481?format=json","purl":"pkg:deb/debian/cinder@2:21.3.1-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:21.3.1-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34486?format=json","purl":"pkg:deb/debian/cinder@2:26.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:26.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/34484?format=json","purl":"pkg:deb/debian/cinder@2:28.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10755","GHSA-v3m2-pg96-w33m","PYSEC-2020-228"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbnv-qctv-3bhu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cinder@2:28.0.0-1%3Fdistro=trixie"}