GCVE - cpe:2.3:a:openstack:image_registry_and_delivery_service

Approved changes feed: RSS · Atom

cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):-:*:*:*:*:*:*:*

part: a version: - update: *

Vendor	Openstack (`7b0cf974-b2b5-592e-bdf4-6953805ef02a`)
Product	Image Registry And Delivery Service (Glance) (`08075d3f-d82e-57df-aa20-c356b48bf240`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-4354`	vulnerable	2026-06-03 14:33:11.291133	Details available The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image. Published: 2013-11-23T17:00:00.000Z Updated: 2024-08-06T16:38:01.964Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2013/09/19/3 https://bugs.launchpad.net/glance/+bug/1226078 http://www.openwall.com/lists/oss-security/2013/09/19/2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-5482`	vulnerable	2026-06-03 14:32:30.400615	Details available The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573. Published: 2012-11-11T11:00:00.000Z Updated: 2024-08-06T21:05:47.269Z Open on db.gcve.eu Reference links http://secunia.com/advisories/51174 https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88 http://www.openwall.com/lists/oss-security/2012/11/08/2 https://bugs.launchpad.net/glance/+bug/1076506 http://www.securityfocus.com/bid/56437	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-4573`	vulnerable	2026-06-03 14:32:24.651608	Details available The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482. Published: 2012-11-11T11:00:00.000Z Updated: 2024-08-06T20:42:54.862Z Open on db.gcve.eu Reference links http://secunia.com/advisories/51174 http://secunia.com/advisories/51234 http://www.ubuntu.com/usn/USN-1626-1 http://rhn.redhat.com/errata/RHSA-2012-1558.html http://www.securityfocus.com/bid/56437	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

OpenStack Image Registry and Delivery Service (Glance)

PURL mappings

Vulnerability references

Contribute