33 matches found
EUVD-2015-0036
Malware in sbrugna...
EUVD-2022-4907
Malicious code in bioql PyPI...
EUVD-2022-4019
Malicious code in bioql PyPI...
RHEL 7 : openstack-cinder, openstack-glance, and openstack-nova update (Moderate) (RHSA-2016:2991)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2991 advisory. OpenStack Compute nova launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute...
RHEL 7 : openstack-cinder, openstack-glance, and openstack-nova (RHSA-2017:0282)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0282 advisory. The Oslo concurrency library has utilities for safely running multi-thread, multi-process applications using locking mechanisms, and for running...
RHEL 6 : openstack-glance (RHSA-2014:1685)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1685 advisory. OpenStack Image service glance provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-glance-store) security update
An update for python-glance-store is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-glance) security update
An update for openstack-glance is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
GHSA-GVJG-R9FV-7QX9 OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...
Authorization Bypass
openstack-glance is vulnerable to authorization bypass. A flaw was discovered in the OpenStack Image service where a tenant could manipulate the status of their images by submitting an HTTP PUT request together with an 'x-image-meta-status' header. A malicious tenant could exploit this flaw to...
Arbitrary File Read
openstack-glance is vulnerable to arbitrary file read. A flaw was found in the OpenStack Image Service glance import task action. When processing a malicious qcow2 header, glance could be tricked into reading an arbitrary file from the glance host. Only setups using the glance V2 API are affected...
CVE-2016-0757
OpenStack Image Service Glance before 2015.1.3 kilo and 11.0.x before 11.0.2 liberty, when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image...
PT-2016-4404 · Openstack +1 · Openstack Image Service +1
Name of the Vulnerable Software and Affected Versions: OpenStack Image Service Glance versions prior to 2015.1.3 kilo OpenStack Image Service Glance versions 11.0.x prior to 11.0.2 liberty Description: The issue allows remote authenticated users to tamper with images, potentially compromising the...
Low: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Low: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
[SECURITY] Fedora 23 Update: openstack-glance-2015.1.2-1.fc23
OpenStack Image Service code-named Glance provides discovery, registration, and delivery services for virtual disk images. The Image Service API server provides a standard REST interface for querying information about virtual disk images stored in a variety of back-end stores, including OpenSta...
Multiple Vulnerabilities in OpenStack Image Service
OpenStack is a cloud platform management project developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Image Service Glance is one of the projects that can store, query, and retrieve virtual machine Image Service Glance is one of the...
CVE-2015-5286
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...
CVE-2015-5251
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/...
CVE-2015-5286
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...