Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openstack glance vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4134
A flaw was found in openstack-glance. This issue could allow a remote, authenticated malicious user to tamper with images, compromising the integrity of virtual machines created using these modified images.
Openstack Glance
Redhat Openstack 13
Redhat Openstack 16.1
Redhat Openstack 16.2
Redhat Openstack 17
5.5
CVSSv2
CVE-2012-4573
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.
Openstack Folsom 2012.2
Openstack Essex 2012.1
Openstack Image Registry And Delivery Service \\(glance\\) -
5.5
CVSSv2
CVE-2012-5482
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.
Openstack Image Registry And Delivery Service \\(glance\\) -
Openstack Folsom 2012.2
Openstack Essex 2012.1
NA
CVE-2022-47951
An issue exists in OpenStack Cinder prior to 19.1.2, 20.x prior to 20.0.2, and 21.0.0; Glance prior to 23.0.1, 24.x prior to 24.1.1, and 25.0.0; and Nova prior to 24.1.2, 25.x prior to 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific...
Openstack Nova
Openstack Glance
Openstack Cinder
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv2
CVE-2015-1195
The V2 API in OpenStack Image Registry and Delivery Service (Glance) prior to 2014.1.4 and 2014.2.x prior to 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the image location property. NOTE: this vulnerabil...
Openstack Image Registry And Delivery Service \\(glance\\)
2.1
CVSSv2
CVE-2013-4354
The API prior to 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.
Openstack Image Registry And Delivery Service \\(glance\\) -
1.9
CVSSv2
CVE-2013-4469
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual si...
Openstack Havana -
Openstack Grizzly -
Openstack Folsom -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2