GCVE - cpe:2.3:a:openstack:compute:2013.1.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:openstack:compute:2013.1.1:*:*:*:*:*:*:*

part: a version: 2013.1.1 update: *

Vendor	Openstack (`7b0cf974-b2b5-592e-bdf4-6953805ef02a`)
Product	Compute (`8976b317-32c2-5dce-aa28-7b7e42d27d27`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:gem/openstack-compute`	purl2cpe	2026-06-01 10:17:02.968003
`pkg:rpm/opensuse/perl-net-openstack-compute`	purl2cpe	2026-06-01 10:17:02.968005

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-0167`	vulnerable	2026-06-03 14:33:37.331397	Details available The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests. Published: 2014-04-15T14:00:00.000Z Updated: 2024-08-06T09:05:38.956Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2014/04/09/26 https://launchpad.net/bugs/1290537 http://www.ubuntu.com/usn/USN-2247-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-7130`	vulnerable	2026-06-03 14:33:34.065320	Details available The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. Published: 2014-02-06T16:00:00.000Z Updated: 2024-08-06T18:01:19.335Z Open on db.gcve.eu Reference links https://review.openstack.org/#/c/68659/ https://review.openstack.org/#/c/68658/ http://www.securityfocus.com/bid/65106 https://review.openstack.org/#/c/68660/ https://exchange.xforce.ibmcloud.com/vulnerabilities/90652	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2030`	vulnerable	2026-06-03 14:32:53.273975	Details available keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora. Published: 2013-12-27T01:00:00.000Z Updated: 2024-08-06T15:20:37.504Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2013/05/09/2 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html https://bugs.launchpad.net/nova/+bug/1174608 https://bugzilla.redhat.com/show_bug.cgi?id=958285	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.