rpm package
suse/openstack-glance-doc&distro=SUSE OpenStack Cloud 5
pkg:rpm/suse/openstack-glance-doc&distro=SUSE%20OpenStack%20Cloud%205
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-5286 | — | < 2014.2.4.juno-14.1 | 2014.2.4.juno-14.1 | Oct 26, 2015 | OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during | ||
| CVE-2015-5251 | — | < 2014.2.4.juno-14.1 | 2014.2.4.juno-14.1 | Oct 26, 2015 | OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*. | ||
| CVE-2014-9684 | — | < 2014.2.4.dev5-9.7 | 2014.2.4.dev5-9.7 | Feb 24, 2015 | OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting the |
- CVE-2015-5286Oct 26, 2015affected < 2014.2.4.juno-14.1fixed 2014.2.4.juno-14.1
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during
- CVE-2015-5251Oct 26, 2015affected < 2014.2.4.juno-14.1fixed 2014.2.4.juno-14.1
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.
- CVE-2014-9684Feb 24, 2015affected < 2014.2.4.dev5-9.7fixed 2014.2.4.dev5-9.7
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting the