CPE-B01C073D-05C1-4C42-BA7B-D4547E4703A4 Detail

CPE Details

OpenStack Image Registry and Delivery Service (Glance)

Vendor

openstack

Product

image_registry_and_delivery_service_\(glance\)

Version

Created

2013-11-25
15h39 +00:00

Modified

2013-11-25
15h40 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):-:::::::*

Informations

Vendor

openstack

Product

image_registry_and_delivery_service_\(glance\)

Version

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score
CVE-2015-5251	2015-10-26 16h00 +00:00	OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.	5.5
CVE-2015-5286	2015-10-26 16h00 +00:00	OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623.	6.8
CVE-2014-9623	2015-01-23 14h00 +00:00	OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.	4
CVE-2014-5356	2014-08-25 12h00 +00:00	OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.	4
CVE-2013-4354	2013-11-23 16h00 +00:00	The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.	2.1
CVE-2012-4573	2012-11-11 10h00 +00:00	The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.	5.5
CVE-2012-5482	2012-11-11 10h00 +00:00	The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.	5.5

OpenStack Image Registry and Delivery Service (Glance)

CPE Details

CPE Name: cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):-:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):-:::::::*