VYPR
Moderate severityNVD Advisory· Published Feb 14, 2014· Updated Jun 17, 2026

CVE-2014-1948

CVE-2014-1948

Description

OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
glancePyPI
< 11.0.0a011.0.0a0

Affected products

3
  • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.1:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 11.0.0a0

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.