Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openstack glance vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2015-1195
The V2 API in OpenStack Image Registry and Delivery Service (Glance) prior to 2014.1.4 and 2014.2.x prior to 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the image location property. NOTE: this vulnerabil...
Openstack Image Registry And Delivery Service \\(glance\\)
2.1
CVSSv2
CVE-2013-4354
The API prior to 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.
Openstack Image Registry And Delivery Service \\(glance\\) -
1.9
CVSSv2
CVE-2013-4469
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual si...
Openstack Havana -
Openstack Grizzly -
Openstack Folsom -
3.5
CVSSv2
CVE-2013-1840
The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image.
Openstack Glance V1
4
CVSSv2
CVE-2013-0212
store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) prior to 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated user...
Openstack Image Registry And Delivery Service \\(glance\\) 2012.2.2
Openstack Image Registry And Delivery Service \\(glance\\) 2012.2.1
Openstack Image Registry And Delivery Service \\(glance\\) 2012.1
Openstack Image Registry And Delivery Service \\(glance\\) 2012.2
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
1 Github repository
5.5
CVSSv2
CVE-2012-4573
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.
Openstack Folsom 2012.2
Openstack Essex 2012.1
Openstack Image Registry And Delivery Service \\(glance\\) -
5.5
CVSSv2
CVE-2012-5482
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.
Openstack Image Registry And Delivery Service \\(glance\\) -
Openstack Folsom 2012.2
Openstack Essex 2012.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2