Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2015:0246
HistoryFeb 19, 2015 - 12:00 a.m.

(RHSA-2015:0246) Important: openstack-glance security update

2015-02-1900:00:00
access.redhat.com
19

EPSS

0.004

Percentile

73.8%

JSON

OpenStack Image service (glance) provides discovery, registration, and
delivery services for disk and server images. It provides the ability to
copy or snapshot a server image, and immediately store it away. Stored
images can be used as a template to get new servers up and running quickly
and more consistently than installing a server operating system and
individually configuring additional services.

It was discovered that an authenticated user could use a path traversal
flaw in glance to download or delete any file on the glance server that is
accessible to the glance process user. Note that only setups using the
OpenStack Image V2 API were affected by this flaw. (CVE-2014-9493)

All openstack-glance users are advised to upgrade to these updated
packages, which correct these issues. After installing the updated
packages, the running glance services will be restarted automatically.

OSVersionArchitecturePackageVersionFilename
RedHat6noarchopenstack-glance-doc< 2013.2.4-3.el6ostopenstack-glance-doc-2013.2.4-3.el6ost.noarch.rpm
RedHat6noarchopenstack-glance< 2013.2.4-3.el6ostopenstack-glance-2013.2.4-3.el6ost.noarch.rpm
RedHat6srcopenstack-glance< 2013.2.4-3.el6ostopenstack-glance-2013.2.4-3.el6ost.src.rpm
RedHat7noarchpython-glance< 2014.1.3-4.el7ostpython-glance-2014.1.3-4.el7ost.noarch.rpm
RedHat6noarchopenstack-glance-doc< 2014.1.3-4.el6ostopenstack-glance-doc-2014.1.3-4.el6ost.noarch.rpm
RedHat6noarchopenstack-glance< 2014.1.3-4.el6ostopenstack-glance-2014.1.3-4.el6ost.noarch.rpm
RedHat7noarchopenstack-glance-doc< 2014.1.3-4.el7ostopenstack-glance-doc-2014.1.3-4.el7ost.noarch.rpm
RedHat6srcopenstack-glance< 2014.1.3-4.el6ostopenstack-glance-2014.1.3-4.el6ost.src.rpm
RedHat6noarchpython-glance< 2014.1.3-4.el6ostpython-glance-2014.1.3-4.el6ost.noarch.rpm
RedHat7noarchopenstack-glance< 2014.1.3-4.el7ostopenstack-glance-2014.1.3-4.el7ost.noarch.rpm
Rows per page:
1-10 of 111

Related

prion 2
nvd 2
veracode 1
cve 2
cvelist 2
debiancve 2
github 1
ubuntucve 2
prion
prion
Design/Logic Flaw
2015-01-07 19:59:00
Design/Logic Flaw
2015-01-21 18:59:00
nvd
nvd
CVE-2014-9493
2015-01-07 19:59:02
CVE-2015-1195
2015-01-21 18:59:56
veracode
veracode
Arbitrary File Read
2019-01-15 09:04:41
cve
cve
CVE-2014-9493
2015-01-07 19:59:02
CVE-2015-1195
2015-01-21 18:59:56
cvelist
cvelist
CVE-2014-9493
2015-01-07 19:00:00
CVE-2015-1195
2015-01-21 18:00:00
debiancve
debiancve
CVE-2014-9493
2015-01-07 19:59:02
CVE-2015-1195
2015-01-21 18:59:56
github
github
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme
2022-05-14 01:37:00
ubuntucve
ubuntucve
CVE-2015-1195
2015-01-21 00:00:00
CVE-2014-9493
2015-01-07 00:00:00

EPSS

0.004

Percentile

73.8%

JSON
Related for RHSA-2015:0246
prion2nvd2veracode1cve2cvelist2debiancve2github1ubuntucve2