VIR Vulnerability Intelligence Relay

Package impact

python PyPI / glance

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2015-5162 high 7.5 7.5 10y ago OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption susedebianpython
CVE-2015-5286 medium 6.8 11y ago OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service debianpython
CVE-2015-1195 medium 6.5 12y ago OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme debianpython
CVE-2014-0162 medium 6.0 12y ago OpenStack Image Registry and Delivery Service (Glance) Improper Input Validation vulnerability debianpython
CVE-2017-7200 medium 5.8 5.8 9y ago OpenStack Glance Server-Side Request Forgery (SSRF) susedebianpython
CVE-2012-4573 medium 5.5 4y ago The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulne… debianpython
CVE-2015-8234 medium 5.5 5.5 9y ago The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision. debianpython
CVE-2015-5251 medium 5.5 11y ago OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions debianpython
CVE-2012-5482 medium 5.5 14y ago OpenStack Glance arbitrary deletion of non-protected images debianpython
CVE-2016-0757 medium 4.3 4.3 4y ago OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload… susedebianpython
CVE-2015-1881 medium 4.0 4y ago OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption)… debianpython
CVE-2014-5356 medium 4.0 4y ago OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configurati… debianubuntupython
CVE-2014-9684 medium 4.0 11y ago OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption)… debianpython
CVE-2014-9623 medium 4.0 12y ago OpenStack Glance Bypass the storage quota and Denial of service debianpythonredhat
CVE-2013-0212 medium 4.0 13y ago OpenStack Glance logs user name and password in cleartext debianubuntupython
CVE-2015-5163 low 3.5 11y ago The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file… debianpython
CVE-2013-1840 low 3.5 13y ago The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obt… debianpythonaws
CVE-2014-1948 low 2.6 4y ago OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARN… debianpython