Moderate severityNVD Advisory· Published Feb 14, 2014· Updated Jun 17, 2026
CVE-2014-1948
CVE-2014-1948
Description
OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
glancePyPI | < 11.0.0a0 | 11.0.0a0 |
Affected products
3cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-4xw6-hj5p-4j79ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-1948ghsaADVISORY
- rhn.redhat.com/errata/RHSA-2014-0229.htmlnvdWEB
- www.openwall.com/lists/oss-security/2014/02/12/18nvdWEB
- bugs.launchpad.net/glance/+bug/1275062nvdWEB
- github.com/openstack/glance/commit/108f0e04ad2ed3dc287f1b71b987a7e9d66072baghsaWEB
- github.com/openstack/glance/commit/f6e41e9c0ff3aa9ee57b8c8ed8c789f1aff019bcghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2014-102.yamlghsaWEB
- secunia.com/advisories/56419nvd
- www.securityfocus.com/bid/65507nvd
News mentions
0No linked articles in our index yet.