PYSEC-2013-35

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/cinder/PYSEC-2013-35.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2013-35

Aliases

CVE-2013-4183
GHSA-q3rw-wcj6-8cjf

Published

2013-09-16T19:14:00Z

Modified

2024-11-25T22:42:02.600942Z

Summary

[none]

Details

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.

References

http://rhn.redhat.com/errata/RHSA-2013-1198.html
https://bugs.launchpad.net/cinder/+bug/1198185
http://www.ubuntu.com/usn/USN-2005-1

Affected packages

PyPI / cinder

Package

Name: cinder; View open source insights on deps.dev
Purl: pkg:pypi/cinder

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.0a0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/cinder/PYSEC-2013-35.yaml"