Known Vulnerabilities for Glance by OpenStack
Listed below are 10 of the newest known vulnerabilities associated with "Glance" by "OpenStack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34881 json | OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of H... | Not Provided | 2026-03-31 | 2026-04-02 |
| CVE-2025-26570 json | Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That glance-that allows Cross Site Request Forgery.This issue ... | Not Provided | 2025-02-13 | 2026-04-01 |
| CVE-2025-23792 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Busters Passwordless... | Not Provided | 2025-01-27 | 2026-04-01 |
| CVE-2022-47951 json | An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before ... | 5.7 - MEDIUM | 2023-01-26 | 2023-02-06 |
| CVE-2022-4134 json | A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromi... | 2.8 - LOW | 2023-03-06 | 2023-03-13 |
| CVE-2017-7200 json | An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed a... | 5.8 - MEDIUM | 2017-03-21 | 2017-03-30 |
| CVE-2016-8611 json | A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/im... | 6.5 - MEDIUM | 2018-07-31 | 2023-02-12 |
| CVE-2015-8234 json | The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process... | 5.5 - MEDIUM | 2017-03-29 | 2017-04-04 |
| CVE-2015-5163 json | The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows rem... | 3.5 - LOW | 2015-08-19 | 2023-02-13 |
| CVE-2015-5162 json | The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 a... | 7.5 - HIGH | 2016-10-07 | 2023-02-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openstack | Glance | 2015.1.4 | |||
| Application | Openstack | Glance | 2015.1.3 | |||
| Application | Openstack | Glance | 2015.1.2 | |||
| Application | Openstack | Glance | 2015.1.1 | |||
| Application | Openstack | Glance | 2015.1.0 | |||
| Application | Openstack | Glance | 2015.1.0 | |||
| Application | Openstack | Glance | 2015.1.0 | |||
| Application | Openstack | Glance | 2015.1.0 | |||
| Application | Openstack | Glance | 2015.1.0 | |||
| Application | Openstack | Glance | 2015.1.0 | |||
| Application | Openstack | Glance | 2014.2.4 | |||
| Application | Openstack | Glance | 2014.2.3 | |||
| Application | Openstack | Glance | 2014.2.2 | |||
| Application | Openstack | Glance | 2014.2.1 | |||
| Application | Openstack | Glance | 2014.2 | |||
| Application | Openstack | Glance | 2014.2 | |||
| Application | Openstack | Glance | 2014.2 | |||
| Application | Openstack | Glance | 2014.2 | |||
| Application | Openstack | Glance | 2014.2 | |||
| Application | Openstack | Glance | 2014.2 |