Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/glance@2:32.0.0-2
Typedeb
Namespacedebian
Nameglance
Version2:32.0.0-2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-yzt4-fp6y-h3f1
vulnerability_id VCID-yzt4-fp6y-h3f1
summary OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only glance image import functionality is affected. In particular, the web-download and glance-download import methods are subject to this vulnerability, as is the optional (not enabled by default) ovf_process image import plugin.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34881.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34881.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34881
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07267
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07311
published_at 2026-04-04T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.0813
published_at 2026-04-16T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08421
published_at 2026-04-13T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08443
published_at 2026-04-08T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08281
published_at 2026-04-21T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08117
published_at 2026-04-18T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08436
published_at 2026-04-12T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08455
published_at 2026-04-11T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08372
published_at 2026-04-07T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.0846
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34881
2
reference_url https://bugs.launchpad.net/glance/+bug/2138602
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:47:30Z/
url https://bugs.launchpad.net/glance/+bug/2138602
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34881
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34881
4
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34881
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34881
6
reference_url https://security.openstack.org/ossa/OSSA-2026-004.html
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:47:30Z/
url https://security.openstack.org/ossa/OSSA-2026-004.html
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131274
reference_id 1131274
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131274
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2453289
reference_id 2453289
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2453289
9
reference_url https://github.com/advisories/GHSA-mc26-q38v-83gv
reference_id GHSA-mc26-q38v-83gv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mc26-q38v-83gv
fixed_packages
0
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u1
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u1
1
url pkg:deb/debian/glance@2:32.0.0-1
purl pkg:deb/debian/glance@2:32.0.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-1
2
url pkg:deb/debian/glance@2:32.0.0-2
purl pkg:deb/debian/glance@2:32.0.0-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2
aliases CVE-2026-34881, GHSA-mc26-q38v-83gv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yzt4-fp6y-h3f1
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2