Vulnerabilities > Openstack > Glance > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-06 | CVE-2022-4134 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A flaw was found in openstack-glance. | 2.8 |
2013-10-27 | CVE-2013-4428 | Permissions, Privileges, and Access Controls vulnerability in multiple products OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID. | 3.5 |
2013-03-22 | CVE-2013-1840 | Information Exposure vulnerability in Openstack Glance V1 The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image. | 3.5 |