Known Vulnerabilities for Glance by OpenStack
Listed below are 8 of the newest known vulnerabilities associated with "Glance" by "OpenStack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34881 | OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redire... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2025-26570 | Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That glance-that allows Cross Site Request Forgery.This issue ... | Not Provided | 2025-02-13 | 2026-04-01 |
| CVE-2025-23792 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Busters Passwordless... | Not Provided | 2025-01-27 | 2026-04-01 |
| CVE-2017-7200 | An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed a... | 5.8 - MEDIUM | 2017-03-21 | 2017-03-30 |
| CVE-2016-8611 | A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/im... | 6.5 - MEDIUM | 2018-07-31 | 2023-02-12 |
| CVE-2015-8234 | The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process... | 5.5 - MEDIUM | 2017-03-29 | 2017-04-04 |
| CVE-2015-5163 | The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows rem... | 3.5 - LOW | 2015-08-19 | 2023-02-13 |
| CVE-2015-5162 | The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 a... | 7.5 - HIGH | 2016-10-07 | 2023-02-13 |
| CVE-2015-3289 | OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated users to cause a denial of service (disk consumption) by ... | 4 - MEDIUM | 2015-08-14 | 2016-12-03 |
| CVE-2013-4428 | OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the do... | 3.5 - LOW | 2013-10-27 | 2018-11-15 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openstack | Glance | 2015.1.4 | All | All | All |
| Application | Openstack | Glance | 2015.1.3 | All | All | All |
| Application | Openstack | Glance | 2015.1.2 | All | All | All |
| Application | Openstack | Glance | 2015.1.1 | All | All | All |
| Application | Openstack | Glance | 2015.1.0 | - | All | All |
| Application | Openstack | Glance | 2015.1.0 | beta1 | All | All |
| Application | Openstack | Glance | 2015.1.0 | beta2 | All | All |
| Application | Openstack | Glance | 2015.1.0 | beta3 | All | All |
| Application | Openstack | Glance | 2015.1.0 | rc1 | All | All |
| Application | Openstack | Glance | 2015.1.0 | rc2 | All | All |
| Application | Openstack | Glance | 2014.2.4 | All | All | All |
| Application | Openstack | Glance | 2014.2.3 | All | All | All |
| Application | Openstack | Glance | 2014.2.2 | All | All | All |
| Application | Openstack | Glance | 2014.2.1 | All | All | All |
| Application | Openstack | Glance | 2014.2 | - | All | All |
| Application | Openstack | Glance | 2014.2 | beta1 | All | All |
| Application | Openstack | Glance | 2014.2 | beta2 | All | All |
| Application | Openstack | Glance | 2014.2 | beta3 | All | All |
| Application | Openstack | Glance | 2014.2 | rc1 | All | All |
| Application | Openstack | Glance | 2014.2 | rc2 | All | All |