Vulnerabilities > Openstack > Image Registry AND Delivery Service Glance > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2014-02-14	CVE-2014-1948	Credentials Management vulnerability in Openstack Image Registry and Delivery Service (Glance) 2013.2/2013.2.1 OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log. local high complexity openstack CWE-255	2.6
2013-11-23	CVE-2013-4354	Improper Input Validation vulnerability in Openstack Image Registry and Delivery Service (Glance) The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image. local low complexity openstack CWE-20	2.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.