Vulnerabilities > Openstack > Image Registry AND Delivery Service Glance > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-02-14 | CVE-2014-1948 | Credentials Management vulnerability in Openstack Image Registry and Delivery Service (Glance) 2013.2/2013.2.1 OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log. | 2.6 |
2013-11-23 | CVE-2013-4354 | Improper Input Validation vulnerability in Openstack Image Registry and Delivery Service (Glance) The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image. | 2.1 |