VYPR
Medium severity4.3NVD Advisory· Published Apr 13, 2016· Updated Jun 17, 2026

CVE-2016-0757

CVE-2016-0757

Description

OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
glancePyPI
>= 11.0.0, < 11.0.211.0.2

Affected products

4
  • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):11.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):11.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):11.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2015.1.2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 11.0.0, < 11.0.2

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.