Vulnerabilities > Openstack > Image Registry AND Delivery Service Glance > 2013.2.3

DATE CVE VULNERABILITY TITLE RISK
2015-01-23 CVE-2014-9623 Resource Management Errors vulnerability in multiple products
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.
network
low complexity
redhat openstack CWE-399
4.0
4.0
2014-08-25 CVE-2014-5356 Permissions, Privileges, and Access Controls vulnerability in multiple products
OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.
network
low complexity
openstack canonical CWE-264
4.0
4.0