VYPR
Low severityNVD Advisory· Published Jan 7, 2014· Updated Jun 17, 2026

CVE-2013-6480

CVE-2013-6480

Description

Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
apache-libcloudPyPI
>= 0.12.3, < 0.13.30.13.3

Affected products

6
  • Apache/Libcloud5 versions
    cpe:2.3:a:apache:libcloud:0.12.3:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:apache:libcloud:0.12.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:libcloud:0.12.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:libcloud:0.13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:libcloud:0.13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:libcloud:0.13.2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 0.12.3, < 0.13.3

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.

CVE-2013-6480 · low · VYPR