3 matches found
CVE-2015-5286
OpenStack Image Service (Glance) is vulnerable in versions prior to 2014.2.4 (juno) and 2015.1.x prior to 2015.1.2 (kilo). A remote authenticated user can bypass storage quotas and cause a denial of service by deleting images that are being uploaded with a token that expires during the process. R...
CVE-2014-0162
CVE-2014-0162 affects the Sheepdog backend used by OpenStack Image Registry and Delivery Service (Glance). The vulnerability allows remote authenticated users who can insert or modify an image to run arbitrary commands via a crafted image location. Affected releases are Glance 2013.2 prior to 201...
CVE-2015-1195
The CVE-2015-1195 issue concerns OpenStack Image Registry Delivery Service (Glance) V2 API where versions prior to 2014.1.4 and 2014.2.x prior to 2014.2.2 allow an authenticated remote user to read or delete arbitrary files via a full pathname in a filesystem:// URL in the image location property...