CPE-B230C666-4A4A-43E5-B44C-C7D2CFB6F06F Detail

CPE Details

OpenStack Image Registry and Delivery Service (Glance) 2014.2

Vendor

openstack

Product

image_registry_and_delivery_service_\(glance\)

Version

2014.2

Created

2015-01-26
13h43 +00:00

Modified

2015-01-26
17h08 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2014.2:::::::*

Informations

Vendor

openstack

Product

image_registry_and_delivery_service_\(glance\)

Version

2014.2

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score
CVE-2015-5251	2015-10-26 16h00 +00:00	OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.	5.5
CVE-2015-5286	2015-10-26 16h00 +00:00	OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623.	6.8
CVE-2014-9684	2015-02-24 14h00 +00:00	OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the uploads finish, a different vulnerability than CVE-2015-1881.	4
CVE-2015-1881	2015-02-24 14h00 +00:00	OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different vulnerability than CVE-2014-9684.	4
CVE-2014-9623	2015-01-23 14h00 +00:00	OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.	4
CVE-2015-1195	2015-01-21 17h00 +00:00	The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the image location property. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9493.	6.5
CVE-2014-9493	2015-01-07 18h00 +00:00	The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property.	5.5

OpenStack Image Registry and Delivery Service (Glance) 2014.2

CPE Details

CPE Name: cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2014.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2014.2:::::::*