openstack-glance is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.
rhn.redhat.com/errata/RHSA-2015-0644.html
rhn.redhat.com/errata/RHSA-2015-0837.html
rhn.redhat.com/errata/RHSA-2015-0838.html
secunia.com/advisories/62165
www.openwall.com/lists/oss-security/2015/01/18/4
www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
access.redhat.com/security/updates/classification/#low
bugs.launchpad.net/glance/+bug/1383973
bugs.launchpad.net/glance/+bug/1398830
bugzilla.redhat.com/show_bug.cgi?id=1175367
bugzilla.redhat.com/show_bug.cgi?id=1188390
bugzilla.redhat.com/show_bug.cgi?id=911568
rhn.redhat.com/errata/RHSA-2015-0644.html
security.openstack.org/ossa/OSSA-2015-003.html
wiki.openstack.org/wiki/ReleaseNotes/2014.2.2