Search CVE reports


Toggle filters

11 – 20 of 30 results


CVE-2016-0757

Medium priority

Some fixes available 1 of 3

OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the...

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance Not affected
Show less packages

CVE-2015-5286

Medium priority

Some fixes available 1 of 2

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are...

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance Not affected
Show less packages

CVE-2015-5251

Low priority

Some fixes available 1 of 2

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status...

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance Not affected
Show less packages

CVE-2015-5163

Medium priority
Not affected

The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image.

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages

CVE-2015-3289

Medium priority
Not affected

OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated users to cause a denial of service (disk consumption) by repeatedly using the import task flow API to create images and then deleting them.

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages

CVE-2015-1881

Medium priority
Not affected

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of...

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages

CVE-2014-9684

Medium priority
Not affected

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of...

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages

CVE-2014-9623

Medium priority
Fixed

OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages

CVE-2015-1195

Medium priority
Fixed

The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the...

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages

CVE-2014-9493

Medium priority
Fixed

The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property.

1 affected package

glance

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glance
Show less packages