3 matches found
CVE-2012-4573
The CVE-2012-4573 issue affects the v1 API of OpenStack Glance (Grizzly, Folsom 2012.2, Essex 2012.1), where remote authenticated users could delete arbitrary non‑protected images via an image deletion request. The vulnerability is tied to an incomplete/faulty fix; related advisories confirm ongo...
CVE-2012-5482
The CVE-2012-5482 vulnerability affects OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) where the v2 API allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. Root cause noted as an incomplete fix for CVE-2012-4573. Connected advis...
CVE-2013-4354
The CVE-2013-4354 entry concerns OpenStack Image Registry and Delivery Service (Glance) before version 2.1. The vulnerability arises from the API allowing a local user to add the tenant as a member of an image, enabling injection of images into arbitrary tenants. Affected component is the Glance ...