Search Results (Refine Search)
- CPE Product Version: cpe:/a:openstack:image_registry_and_delivery_service_%28glance%29:2013.2.4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-5286 |
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623. Published: October 26, 2015; 1:59:07 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-5251 |
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*. Published: October 26, 2015; 1:59:06 PM -0400 |
V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2014-9623 |
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state. Published: January 23, 2015; 10:59:06 AM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |