Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
Typedeb
Namespacedebian
Nameglance
Version2:21.0.0-2+deb11u1
Qualifiers
distro trixie
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2:21.1.0-1+deb11u2
Latest_non_vulnerable_version2:32.0.0-2
Affected_by_vulnerabilities
0
url VCID-fyj7-ewgp-tybe
vulnerability_id VCID-fyj7-ewgp-tybe
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34881.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34881.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34881
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.12935
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34881
2
reference_url https://bugs.launchpad.net/glance/+bug/2138602
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:47:30Z/
url https://bugs.launchpad.net/glance/+bug/2138602
3
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34881
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34881
5
reference_url https://security.openstack.org/ossa/OSSA-2026-004.html
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:47:30Z/
url https://security.openstack.org/ossa/OSSA-2026-004.html
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131274
reference_id 1131274
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131274
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2453289
reference_id 2453289
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2453289
8
reference_url https://github.com/advisories/GHSA-mc26-q38v-83gv
reference_id GHSA-mc26-q38v-83gv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mc26-q38v-83gv
9
reference_url https://usn.ubuntu.com/8199-1/
reference_id USN-8199-1
reference_type
scores
url https://usn.ubuntu.com/8199-1/
fixed_packages
0
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u2%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u1%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:31.0.0-3?distro=trixie
purl pkg:deb/debian/glance@2:31.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:31.0.0-3%3Fdistro=trixie
5
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2026-34881, GHSA-mc26-q38v-83gv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyj7-ewgp-tybe
Fixing_vulnerabilities
0
url VCID-1zfk-wjsv-z3hp
vulnerability_id VCID-1zfk-wjsv-z3hp
summary The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html
2
reference_url http://osvdb.org/87248
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://osvdb.org/87248
3
reference_url http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2012-1558.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2012-1558.html
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4573
reference_id
reference_type
scores
0
value 0.00842
scoring_system epss
scoring_elements 0.75056
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4573
6
reference_url https://bugs.launchpad.net/glance/+bug/1065187
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1065187
7
reference_url http://secunia.com/advisories/51174
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/51174
8
reference_url http://secunia.com/advisories/51234
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/51234
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/79895
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/79895
10
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
11
reference_url https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc
12
reference_url https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6
13
reference_url https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d
14
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2012-29.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2012-29.yaml
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4573
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-4573
16
reference_url http://www.openwall.com/lists/oss-security/2012/11/07/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/07/6
17
reference_url http://www.openwall.com/lists/oss-security/2012/11/09/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/09/5
18
reference_url http://www.securityfocus.com/bid/56437
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/56437
19
reference_url http://www.ubuntu.com/usn/USN-1626-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1626-1
20
reference_url http://www.ubuntu.com/usn/USN-1626-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1626-2
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692641
reference_id 692641
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692641
22
reference_url https://usn.ubuntu.com/1626-1/
reference_id USN-1626-1
reference_type
scores
url https://usn.ubuntu.com/1626-1/
23
reference_url https://usn.ubuntu.com/1626-2/
reference_id USN-1626-2
reference_type
scores
url https://usn.ubuntu.com/1626-2/
fixed_packages
0
url pkg:deb/debian/glance@2012.1.1-2?distro=trixie
purl pkg:deb/debian/glance@2012.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2012.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2012-4573, GHSA-6rrm-xxvh-7r87, PYSEC-2012-29
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zfk-wjsv-z3hp
1
url VCID-3ekz-4ahc-5ybh
vulnerability_id VCID-3ekz-4ahc-5ybh
summary 
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47951.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-47951
reference_id
reference_type
scores
0
value 0.00615
scoring_system epss
scoring_elements 0.70229
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-47951
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://launchpad.net/bugs/1996188
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://launchpad.net/bugs/1996188
4
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html
5
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html
6
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html
7
reference_url https://security.openstack.org/ossa/OSSA-2023-002.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://security.openstack.org/ossa/OSSA-2023-002.html
8
reference_url https://www.debian.org/security/2023/dsa-5336
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5336
9
reference_url https://www.debian.org/security/2023/dsa-5337
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5337
10
reference_url https://www.debian.org/security/2023/dsa-5338
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T16:49:04Z/
url https://www.debian.org/security/2023/dsa-5338
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
reference_id 1029561
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
reference_id 1029562
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
reference_id 1029563
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2161812
reference_id 2161812
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2161812
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-47951
reference_id CVE-2022-47951
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-47951
16
reference_url https://github.com/advisories/GHSA-7h75-hwxx-qpgc
reference_id GHSA-7h75-hwxx-qpgc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7h75-hwxx-qpgc
17
reference_url https://access.redhat.com/errata/RHSA-2023:1015
reference_id RHSA-2023:1015
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1015
18
reference_url https://access.redhat.com/errata/RHSA-2023:1016
reference_id RHSA-2023:1016
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1016
19
reference_url https://access.redhat.com/errata/RHSA-2023:1017
reference_id RHSA-2023:1017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1017
20
reference_url https://access.redhat.com/errata/RHSA-2023:1278
reference_id RHSA-2023:1278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1278
21
reference_url https://access.redhat.com/errata/RHSA-2023:1279
reference_id RHSA-2023:1279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1279
22
reference_url https://access.redhat.com/errata/RHSA-2023:1280
reference_id RHSA-2023:1280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1280
23
reference_url https://usn.ubuntu.com/5835-1/
reference_id USN-5835-1
reference_type
scores
url https://usn.ubuntu.com/5835-1/
24
reference_url https://usn.ubuntu.com/5835-2/
reference_id USN-5835-2
reference_type
scores
url https://usn.ubuntu.com/5835-2/
25
reference_url https://usn.ubuntu.com/5835-3/
reference_id USN-5835-3
reference_type
scores
url https://usn.ubuntu.com/5835-3/
26
reference_url https://usn.ubuntu.com/5835-4/
reference_id USN-5835-4
reference_type
scores
url https://usn.ubuntu.com/5835-4/
27
reference_url https://usn.ubuntu.com/5835-5/
reference_id USN-5835-5
reference_type
scores
url https://usn.ubuntu.com/5835-5/
28
reference_url https://usn.ubuntu.com/6882-2/
reference_id USN-6882-2
reference_type
scores
url https://usn.ubuntu.com/6882-2/
fixed_packages
0
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:25.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:25.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.0.0-2%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2022-47951, GHSA-7h75-hwxx-qpgc
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ekz-4ahc-5ybh
2
url VCID-488j-dcca-b3cq
vulnerability_id VCID-488j-dcca-b3cq
summary The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html
2
reference_url http://osvdb.org/87248
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://osvdb.org/87248
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5482
reference_id
reference_type
scores
0
value 0.01403
scoring_system epss
scoring_elements 0.80756
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5482
4
reference_url https://bugs.launchpad.net/glance/+bug/1076506
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1076506
5
reference_url http://secunia.com/advisories/51174
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/51174
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/80019
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/80019
7
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
8
reference_url https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88
9
reference_url https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2012-30.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2012-30.yaml
11
reference_url http://www.openwall.com/lists/oss-security/2012/11/07/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/07/6
12
reference_url http://www.openwall.com/lists/oss-security/2012/11/08/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/08/2
13
reference_url http://www.openwall.com/lists/oss-security/2012/11/09/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/09/1
14
reference_url http://www.openwall.com/lists/oss-security/2012/11/09/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/09/5
15
reference_url http://www.securityfocus.com/bid/56437
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/56437
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692641
reference_id 692641
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692641
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5482
reference_id CVE-2012-5482
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5482
18
reference_url https://github.com/advisories/GHSA-vwr9-9f8v-vp5m
reference_id GHSA-vwr9-9f8v-vp5m
reference_type
scores
url https://github.com/advisories/GHSA-vwr9-9f8v-vp5m
fixed_packages
0
url pkg:deb/debian/glance@2012.1.1-3?distro=trixie
purl pkg:deb/debian/glance@2012.1.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2012.1.1-3%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2012-5482, GHSA-vwr9-9f8v-vp5m, PYSEC-2012-30
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-488j-dcca-b3cq
3
url VCID-5ckw-s7x4-gke6
vulnerability_id VCID-5ckw-s7x4-gke6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7200
reference_id
reference_type
scores
0
value 0.00377
scoring_system epss
scoring_elements 0.59551
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7200
1
reference_url https://bugs.launchpad.net/ossn/+bug/1153614
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossn/+bug/1153614
2
reference_url https://bugs.launchpad.net/ossn/+bug/1606495
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossn/+bug/1606495
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
5
reference_url https://github.com/openstack/glance/commit/b1ac90f7914d91b25144cc4063fa994fb5019ee3
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/b1ac90f7914d91b25144cc4063fa994fb5019ee3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7200
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7200
7
reference_url https://wiki.openstack.org/wiki/OSSN/OSSN-0078
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.openstack.org/wiki/OSSN/OSSN-0078
8
reference_url http://www.securityfocus.com/bid/96988
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96988
fixed_packages
0
url pkg:deb/debian/glance@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/glance@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2017-7200, GHSA-j6mr-cm6x-h6jg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ckw-s7x4-gke6
4
url VCID-5xcy-zr93-57b2
vulnerability_id VCID-5xcy-zr93-57b2
summary The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-August/000527.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-August/000527.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1639.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1639.html
2
reference_url https://access.redhat.com/errata/RHSA-2015:1639
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1639
3
reference_url https://access.redhat.com/security/cve/CVE-2015-5163
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5163
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5163
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51323
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5163
5
reference_url https://bugs.launchpad.net/glance/+bug/1471912
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1471912
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1252378
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1252378
7
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
8
reference_url https://github.com/openstack/glance/commit/eb99e45829a1b4c93db5692bdbf636a86faa56c4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/eb99e45829a1b4c93db5692bdbf636a86faa56c4
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2015-39.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2015-39.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5163
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5163
11
reference_url https://web.archive.org/web/20200228024903/http://www.securityfocus.com/bid/76346
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228024903/http://www.securityfocus.com/bid/76346
12
reference_url http://www.securityfocus.com/bid/76346
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/76346
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795453
reference_id 795453
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795453
fixed_packages
0
url pkg:deb/debian/glance@2015.1.0-4?distro=trixie
purl pkg:deb/debian/glance@2015.1.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2015.1.0-4%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-5163, GHSA-q73f-vjc2-3gqf, PYSEC-2015-39
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xcy-zr93-57b2
5
url VCID-7k1y-wr7c-1kdb
vulnerability_id VCID-7k1y-wr7c-1kdb
summary
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0644.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0644.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0837.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0837.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0838.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0838.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9623
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53772
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9623
4
reference_url https://bugs.launchpad.net/glance/+bug/1383973
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1383973
5
reference_url https://bugs.launchpad.net/glance/+bug/1398830
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1398830
6
reference_url http://secunia.com/advisories/62165
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/62165
7
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
8
reference_url https://github.com/openstack/glance/commit/0dc8fbb3479a53c5bba8475d14f4c7206904c5ea
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/0dc8fbb3479a53c5bba8475d14f4c7206904c5ea
9
reference_url https://github.com/openstack/glance/commit/7d5d8657fd70b20518610b3c6f8e41e16c72fa31
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/7d5d8657fd70b20518610b3c6f8e41e16c72fa31
10
reference_url https://github.com/openstack/glance/commit/f1260cc771ee068651aa62b972bef49d9af81eb0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/f1260cc771ee068651aa62b972bef49d9af81eb0
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9623
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9623
12
reference_url https://security.openstack.org/ossa/OSSA-2015-003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-003.html
13
reference_url http://www.openwall.com/lists/oss-security/2015/01/18/4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/01/18/4
14
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776580
reference_id 776580
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776580
fixed_packages
0
url pkg:deb/debian/glance@2014.1.3-12?distro=trixie
purl pkg:deb/debian/glance@2014.1.3-12?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2014.1.3-12%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2014-9623, GHSA-j4mh-9wq6-8rg6
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7k1y-wr7c-1kdb
6
url VCID-aaru-1h3t-akdd
vulnerability_id VCID-aaru-1h3t-akdd
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9493
reference_id
reference_type
scores
0
value 0.0075
scoring_system epss
scoring_elements 0.73444
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9493
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773836
reference_id 773836
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773836
fixed_packages
0
url pkg:deb/debian/glance@2014.1.3-6?distro=trixie
purl pkg:deb/debian/glance@2014.1.3-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2014.1.3-6%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2014-9493
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aaru-1h3t-akdd
7
url VCID-czc7-3876-fugu
vulnerability_id VCID-czc7-3876-fugu
summary OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the uploads finish, a different vulnerability than CVE-2015-1881.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-February/000336.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-February/000336.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0938.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0938.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9684
reference_id
reference_type
scores
0
value 0.0058
scoring_system epss
scoring_elements 0.69222
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9684
3
reference_url https://bugs.launchpad.net/glance/+bug/1371118
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1371118
4
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
5
reference_url https://github.com/openstack/glance/commit/7858d4d95154c8596720365e465cca7858cfec5c
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/7858d4d95154c8596720365e465cca7858cfec5c
6
reference_url https://github.com/openstack/glance/commit/a880c8e762e94b70c1e5d5692a3defcde734a601
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/a880c8e762e94b70c1e5d5692a3defcde734a601
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2015-37.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2015-37.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9684
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9684
9
reference_url http://www.securityfocus.com/bid/72692
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/72692
fixed_packages
0
url pkg:deb/debian/glance@0?distro=trixie
purl pkg:deb/debian/glance@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@0%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2014-9684, GHSA-h737-q6g6-8wr6, PYSEC-2015-37
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-czc7-3876-fugu
8
url VCID-db3a-7hcs-syc6
vulnerability_id VCID-db3a-7hcs-syc6
summary 
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2923.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2923.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2991.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2991.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0153.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0153.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0156.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0156.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0165.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0165.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0282.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0282.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5162
reference_id
reference_type
scores
0
value 0.0361
scoring_system epss
scoring_elements 0.87984
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5162
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1268303
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1268303
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/455b318ced717fb38dfe40014817d78fbc47dea5
10
reference_url https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
11
reference_url https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/6bc37dcceca823998068167b49aec6def3112397
12
reference_url https://launchpad.net/bugs/1449062
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1449062
13
reference_url http://www.openwall.com/lists/oss-security/2016/10/06/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/10/06/8
14
reference_url http://www.securityfocus.com/bid/76849
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/76849
15
reference_url https://access.redhat.com/security/cve/CVE-2015-5162
reference_id CVE-2015-5162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5162
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5162
reference_id CVE-2015-5162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5162
17
reference_url https://github.com/advisories/GHSA-g2j5-7vgx-6xrx
reference_id GHSA-g2j5-7vgx-6xrx
reference_type
scores
url https://github.com/advisories/GHSA-g2j5-7vgx-6xrx
18
reference_url https://usn.ubuntu.com/3449-1/
reference_id USN-3449-1
reference_type
scores
url https://usn.ubuntu.com/3449-1/
fixed_packages
0
url pkg:deb/debian/glance@2:12.0.0-1?distro=trixie
purl pkg:deb/debian/glance@2:12.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:12.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-5162, GHSA-g2j5-7vgx-6xrx
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-db3a-7hcs-syc6
9
url VCID-ef5k-jqxk-ukag
vulnerability_id VCID-ef5k-jqxk-ukag
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32498.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32498
reference_id
reference_type
scores
0
value 0.00214
scoring_system epss
scoring_elements 0.43956
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32498
2
reference_url https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/78f85c1f9b20a067ef64d6451dee0228c3a0db5e
3
reference_url https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/cinder/commit/d6a186945e03649343af55b46ed8dfe0dd326e40
4
reference_url https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/22f0c9c6f98db1d93569e3edb800c271f35b0ef9
5
reference_url https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/2e65391744a82421bc6f026ee8f1f3550038f175
6
reference_url https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/867d1dd8b6e4f5774257a98c7c33061fbbbde973
7
reference_url https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/cc7d53adbecf85f3d7df78e7618fe8ab3a075c5f
8
reference_url https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/d607e78630cc9d1ca18b3a027322809c042f64df
9
reference_url https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/657e86585cc57f84ab9b364dd189547d231d5927
10
reference_url https://launchpad.net/bugs/2059809
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://launchpad.net/bugs/2059809
11
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html
12
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00017.html
13
reference_url https://security.openstack.org/ossa/OSSA-2024-001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://security.openstack.org/ossa/OSSA-2024-001.html
14
reference_url https://www.openwall.com/lists/oss-security/2024/07/02/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url https://www.openwall.com/lists/oss-security/2024/07/02/2
15
reference_url http://www.openwall.com/lists/oss-security/2024/07/02/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T15:32:53Z/
url http://www.openwall.com/lists/oss-security/2024/07/02/2
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761
reference_id 1074761
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074761
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762
reference_id 1074762
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074762
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763
reference_id 1074763
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074763
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2278663
reference_id 2278663
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2278663
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32498
reference_id CVE-2024-32498
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32498
21
reference_url https://github.com/advisories/GHSA-r4v4-w9pv-6fph
reference_id GHSA-r4v4-w9pv-6fph
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r4v4-w9pv-6fph
22
reference_url https://access.redhat.com/errata/RHSA-2024:4272
reference_id RHSA-2024:4272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4272
23
reference_url https://access.redhat.com/errata/RHSA-2024:4273
reference_id RHSA-2024:4273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4273
24
reference_url https://access.redhat.com/errata/RHSA-2024:4274
reference_id RHSA-2024:4274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4274
25
reference_url https://access.redhat.com/errata/RHSA-2024:4425
reference_id RHSA-2024:4425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4425
26
reference_url https://usn.ubuntu.com/6882-1/
reference_id USN-6882-1
reference_type
scores
url https://usn.ubuntu.com/6882-1/
27
reference_url https://usn.ubuntu.com/6882-2/
reference_id USN-6882-2
reference_type
scores
url https://usn.ubuntu.com/6882-2/
28
reference_url https://usn.ubuntu.com/6883-1/
reference_id USN-6883-1
reference_type
scores
url https://usn.ubuntu.com/6883-1/
29
reference_url https://usn.ubuntu.com/6884-1/
reference_id USN-6884-1
reference_type
scores
url https://usn.ubuntu.com/6884-1/
30
reference_url https://usn.ubuntu.com/8199-1/
reference_id USN-8199-1
reference_type
scores
url https://usn.ubuntu.com/8199-1/
fixed_packages
0
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.1.0-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/glance@2:21.1.0-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.1.0-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:28.0.1-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/glance@2:28.0.1-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:28.0.1-3%252Bdeb12u1%3Fdistro=trixie
5
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
6
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2024-32498, GHSA-r4v4-w9pv-6fph
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ef5k-jqxk-ukag
10
url VCID-feu6-2tby-fbhr
vulnerability_id VCID-feu6-2tby-fbhr
summary The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image.
references
0
reference_url http://osvdb.org/91304
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://osvdb.org/91304
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0707.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0707.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1840
reference_id
reference_type
scores
0
value 0.00344
scoring_system epss
scoring_elements 0.57197
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1840
3
reference_url https://bugs.launchpad.net/glance/+bug/1135541
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1135541
4
reference_url http://secunia.com/advisories/52565
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/52565
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/82878
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/82878
6
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
7
reference_url https://github.com/openstack/glance/commit/74b067df9726f9cf3e6e17e248719794a6ee0745
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/74b067df9726f9cf3e6e17e248719794a6ee0745
8
reference_url https://github.com/openstack/glance/commit/dd849a9be540bedd4fd904cc0b86ccd9c3e34af2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/dd849a9be540bedd4fd904cc0b86ccd9c3e34af2
9
reference_url https://github.com/openstack/glance/commit/e75764eee34915f8bc5b664ac18e47a556c9d3dd
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/e75764eee34915f8bc5b664ac18e47a556c9d3dd
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1840
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1840
11
reference_url https://review.openstack.org/#/c/24437
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/24437
12
reference_url https://review.openstack.org/#/c/24437/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/24437/
13
reference_url https://review.openstack.org/#/c/24438
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/24438
14
reference_url https://review.openstack.org/#/c/24438/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/24438/
15
reference_url https://review.openstack.org/#/c/24439
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/24439
16
reference_url https://review.openstack.org/#/c/24439/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/24439/
17
reference_url http://www.openwall.com/lists/oss-security/2013/03/14/15
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/03/14/15
18
reference_url http://www.securityfocus.com/bid/58490
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/58490
19
reference_url http://www.ubuntu.com/usn/USN-1764-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1764-1
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703063
reference_id 703063
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703063
21
reference_url https://usn.ubuntu.com/1764-1/
reference_id USN-1764-1
reference_type
scores
url https://usn.ubuntu.com/1764-1/
fixed_packages
0
url pkg:deb/debian/glance@2012.1.1-5?distro=trixie
purl pkg:deb/debian/glance@2012.1.1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2012.1.1-5%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2013-1840, GHSA-c8w9-83vg-r8vv, PYSEC-2013-46
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-feu6-2tby-fbhr
11
url VCID-ff5m-szfz-zfb6
vulnerability_id VCID-ff5m-szfz-zfb6
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:0309
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0309
1
reference_url https://access.redhat.com/errata/RHSA-2016:0352
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0352
2
reference_url https://access.redhat.com/errata/RHSA-2016:0354
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0354
3
reference_url https://access.redhat.com/errata/RHSA-2016:0358
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0358
4
reference_url https://access.redhat.com/security/cve/CVE-2016-0757
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2016-0757
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0757
reference_id
reference_type
scores
0
value 0.00233
scoring_system epss
scoring_elements 0.46246
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0757
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302607
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1302607
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://opendev.org/openstack/glance
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/glance
9
reference_url https://rhn.redhat.com/errata/RHSA-2016-0309.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2016-0309.html
10
reference_url https://security.openstack.org/ossa/OSSA-2016-006.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-006.html
11
reference_url https://web.archive.org/web/20210123081823/https://www.securityfocus.com/bid/82696
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123081823/https://www.securityfocus.com/bid/82696
12
reference_url https://usn.ubuntu.com/3446-1/
reference_id USN-3446-1
reference_type
scores
url https://usn.ubuntu.com/3446-1/
fixed_packages
0
url pkg:deb/debian/glance@2:12.0.0-1?distro=trixie
purl pkg:deb/debian/glance@2:12.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:12.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2016-0757, GHSA-5xrj-ghhp-hx7p
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ff5m-szfz-zfb6
12
url VCID-hqxc-m5rv-v7bd
vulnerability_id VCID-hqxc-m5rv-v7bd
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3289
reference_id
reference_type
scores
0
value 0.00422
scoring_system epss
scoring_elements 0.62365
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3289
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793896
reference_id 793896
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793896
fixed_packages
0
url pkg:deb/debian/glance@2015.1.0-4?distro=trixie
purl pkg:deb/debian/glance@2015.1.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2015.1.0-4%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-3289
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hqxc-m5rv-v7bd
13
url VCID-hv5w-ujbk-q7h4
vulnerability_id VCID-hv5w-ujbk-q7h4
summary OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0229.html
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0229.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-1948
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.1953
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-1948
2
reference_url https://bugs.launchpad.net/glance/+bug/1275062
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1275062
3
reference_url http://secunia.com/advisories/56419
reference_id
reference_type
scores
url http://secunia.com/advisories/56419
4
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
5
reference_url https://github.com/openstack/glance/commit/108f0e04ad2ed3dc287f1b71b987a7e9d66072ba
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/108f0e04ad2ed3dc287f1b71b987a7e9d66072ba
6
reference_url https://github.com/openstack/glance/commit/f6e41e9c0ff3aa9ee57b8c8ed8c789f1aff019bc
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/f6e41e9c0ff3aa9ee57b8c8ed8c789f1aff019bc
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2014-102.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2014-102.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-1948
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-1948
9
reference_url http://www.openwall.com/lists/oss-security/2014/02/12/18
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/12/18
10
reference_url http://www.securityfocus.com/bid/65507
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65507
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738924
reference_id 738924
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738924
fixed_packages
0
url pkg:deb/debian/glance@2013.2.2-1?distro=trixie
purl pkg:deb/debian/glance@2013.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2013.2.2-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2014-1948, GHSA-4xw6-hj5p-4j79, PYSEC-2014-102
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hv5w-ujbk-q7h4
14
url VCID-q73b-frfe-zfbc
vulnerability_id VCID-q73b-frfe-zfbc
summary store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive information by reading the error messages.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0209.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0209.html
1
reference_url https://access.redhat.com/errata/RHSA-2013:0209
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0209
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0212
reference_id
reference_type
scores
0
value 0.01144
scoring_system epss
scoring_elements 0.78752
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0212
3
reference_url https://bugs.launchpad.net/glance/+bug/1098962
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1098962
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=902964
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=902964
5
reference_url http://secunia.com/advisories/51957
reference_id
reference_type
scores
url http://secunia.com/advisories/51957
6
reference_url http://secunia.com/advisories/51990
reference_id
reference_type
scores
url http://secunia.com/advisories/51990
7
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
8
reference_url https://github.com/openstack/glance/commit/37d4d96bf88c2bf3e7e9511b5e321cf4bed364b7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/37d4d96bf88c2bf3e7e9511b5e321cf4bed364b7
9
reference_url https://github.com/openstack/glance/commit/96a470be64adcef97f235ca96ed3c59ed954a4c1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/96a470be64adcef97f235ca96ed3c59ed954a4c1
10
reference_url https://github.com/openstack/glance/commit/e96273112b5b5da58d970796b7cfce04c5030a89
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/e96273112b5b5da58d970796b7cfce04c5030a89
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2013-37.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2013-37.yaml
12
reference_url https://launchpad.net/glance/+milestone/2012.2.3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/glance/+milestone/2012.2.3
13
reference_url https://lists.launchpad.net/openstack/msg20517.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg20517.html
14
reference_url http://ubuntu.com/usn/usn-1710-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1710-1
15
reference_url http://www.openwall.com/lists/oss-security/2013/01/29/10
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/01/29/10
16
reference_url https://access.redhat.com/security/cve/CVE-2013-0212
reference_id CVE-2013-0212
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0212
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0212
reference_id CVE-2013-0212
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0212
18
reference_url https://github.com/advisories/GHSA-xv7j-2v4w-cjvh
reference_id GHSA-xv7j-2v4w-cjvh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xv7j-2v4w-cjvh
19
reference_url https://usn.ubuntu.com/1710-1/
reference_id USN-1710-1
reference_type
scores
url https://usn.ubuntu.com/1710-1/
fixed_packages
0
url pkg:deb/debian/glance@2012.1.1-4?distro=trixie
purl pkg:deb/debian/glance@2012.1.1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2012.1.1-4%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2013-0212, GHSA-xv7j-2v4w-cjvh, PYSEC-2013-37
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q73b-frfe-zfbc
15
url VCID-r4cz-jsy9-wffv
vulnerability_id VCID-r4cz-jsy9-wffv
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:1897
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1897
1
reference_url https://access.redhat.com/security/cve/CVE-2015-5286
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5286
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5286
reference_id
reference_type
scores
0
value 0.00328
scoring_system epss
scoring_elements 0.55926
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5286
3
reference_url https://bugs.launchpad.net/bugs/1498163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/bugs/1498163
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1267516
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1267516
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5286
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5286
6
reference_url https://opendev.org/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/glance
7
reference_url https://rhn.redhat.com/errata/RHSA-2015-1897.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2015-1897.html
8
reference_url https://security.openstack.org/ossa/OSSA-2015-020.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-020.html
9
reference_url https://web.archive.org/web/20200228024859/http://www.securityfocus.com/bid/76943
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228024859/http://www.securityfocus.com/bid/76943
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800741
reference_id 800741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800741
11
reference_url https://usn.ubuntu.com/3446-1/
reference_id USN-3446-1
reference_type
scores
url https://usn.ubuntu.com/3446-1/
fixed_packages
0
url pkg:deb/debian/glance@1:11.0.0-1?distro=trixie
purl pkg:deb/debian/glance@1:11.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@1:11.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-5286, GHSA-gvjg-r9fv-7qx9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r4cz-jsy9-wffv
16
url VCID-rh4d-z7n8-sqfx
vulnerability_id VCID-rh4d-z7n8-sqfx
summary 
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme
The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a `filesystem://` URL in the image location property.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9493.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-January/000325.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-January/000325.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1195
reference_id
reference_type
scores
0
value 0.01105
scoring_system epss
scoring_elements 0.78389
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1195
2
reference_url https://bugs.launchpad.net/ossa/+bug/1408663
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1408663
3
reference_url http://secunia.com/advisories/62169
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/62169
4
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
5
reference_url https://github.com/openstack/glance/commit/5191ed1879c5fd5b2694f922bcedec232f461088
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/5191ed1879c5fd5b2694f922bcedec232f461088
6
reference_url https://github.com/openstack/glance/commit/7d3a1db33ccbd25b9fc7326ce3468eabd2a41a99
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/7d3a1db33ccbd25b9fc7326ce3468eabd2a41a99
7
reference_url https://github.com/openstack/glance/commit/a2d986b976e9325a272e2d422465165315d19fe6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/a2d986b976e9325a272e2d422465165315d19fe6
8
reference_url http://www.openwall.com/lists/oss-security/2015/01/15/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/01/15/2
9
reference_url http://www.openwall.com/lists/oss-security/2015/01/18/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/01/18/5
10
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
11
reference_url http://www.securityfocus.com/bid/71976
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/71976
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775926
reference_id 775926
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775926
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1195
reference_id CVE-2015-1195
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-1195
14
reference_url https://github.com/advisories/GHSA-pwrj-f53c-f89j
reference_id GHSA-pwrj-f53c-f89j
reference_type
scores
url https://github.com/advisories/GHSA-pwrj-f53c-f89j
fixed_packages
0
url pkg:deb/debian/glance@2014.1.3-11?distro=trixie
purl pkg:deb/debian/glance@2014.1.3-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2014.1.3-11%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-1195, GHSA-pwrj-f53c-f89j
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rh4d-z7n8-sqfx
17
url VCID-wktt-31et-pqar
vulnerability_id VCID-wktt-31et-pqar
summary
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0455.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0455.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:0455
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0455
2
reference_url https://access.redhat.com/security/cve/CVE-2014-0162
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-0162
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0162
reference_id
reference_type
scores
0
value 0.00557
scoring_system epss
scoring_elements 0.68496
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0162
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1085163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1085163
5
reference_url https://launchpad.net/bugs/1298698
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1298698
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0162
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0162
7
reference_url https://opendev.org/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/glance
8
reference_url http://www.openwall.com/lists/oss-security/2014/04/10/13
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/04/10/13
9
reference_url http://www.ubuntu.com/usn/USN-2193-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2193-1
10
reference_url https://usn.ubuntu.com/2193-1/
reference_id USN-2193-1
reference_type
scores
url https://usn.ubuntu.com/2193-1/
fixed_packages
0
url pkg:deb/debian/glance@2014.1-1?distro=trixie
purl pkg:deb/debian/glance@2014.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2014.1-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2014-0162, GHSA-r7pj-rvwg-vxhr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wktt-31et-pqar
18
url VCID-yb46-9mhe-z3dn
vulnerability_id VCID-yb46-9mhe-z3dn
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:1897
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1897
1
reference_url https://access.redhat.com/security/cve/CVE-2015-5251
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5251
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5251
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38165
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5251
3
reference_url https://bugs.launchpad.net/bugs/1482371
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/bugs/1482371
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1263511
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1263511
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5251
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5251
6
reference_url https://opendev.org/openstack/glance
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/glance
7
reference_url https://rhn.redhat.com/errata/RHSA-2015-1897.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2015-1897.html
8
reference_url https://security.openstack.org/ossa/OSSA-2015-019.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-019.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799931
reference_id 799931
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799931
10
reference_url https://usn.ubuntu.com/3446-1/
reference_id USN-3446-1
reference_type
scores
url https://usn.ubuntu.com/3446-1/
fixed_packages
0
url pkg:deb/debian/glance@1:11.0.0-1?distro=trixie
purl pkg:deb/debian/glance@1:11.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@1:11.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-5251, GHSA-q748-mcwg-xmqv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yb46-9mhe-z3dn
19
url VCID-zesb-na7g-vubz
vulnerability_id VCID-zesb-na7g-vubz
summary
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1337.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1337.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1338.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1338.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1685.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1685.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5356
reference_id
reference_type
scores
0
value 0.00804
scoring_system epss
scoring_elements 0.74419
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5356
4
reference_url https://bugs.launchpad.net/glance/+bug/1315321
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1315321
5
reference_url http://secunia.com/advisories/60743
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60743
6
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
7
reference_url https://github.com/openstack/glance/commit/12f43cfed5a47cd16f08b7dad2424da0fc362e47
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/12f43cfed5a47cd16f08b7dad2424da0fc362e47
8
reference_url https://github.com/openstack/glance/commit/31a4d1852a0c27bac5757c192f300f051229a312
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/31a4d1852a0c27bac5757c192f300f051229a312
9
reference_url https://github.com/openstack/glance/commit/92ab00fca6926eaf3f7f92a955a5e07140063718
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/92ab00fca6926eaf3f7f92a955a5e07140063718
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-5356
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-5356
11
reference_url http://www.openwall.com/lists/oss-security/2014/08/21/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/08/21/6
12
reference_url http://www.ubuntu.com/usn/USN-2322-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2322-1
13
reference_url https://usn.ubuntu.com/2322-1/
reference_id USN-2322-1
reference_type
scores
url https://usn.ubuntu.com/2322-1/
fixed_packages
0
url pkg:deb/debian/glance@2014.1.3-1?distro=trixie
purl pkg:deb/debian/glance@2014.1.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2014.1.3-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2014-5356, GHSA-479j-jf2p-38pg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zesb-na7g-vubz
20
url VCID-zhfp-fr5v-qqd2
vulnerability_id VCID-zhfp-fr5v-qqd2
summary 
Improper Access Control
When the `download_image` policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4428
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.64838
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4428
1
reference_url https://bugs.launchpad.net/glance/+bug/1235378
reference_id
reference_type
scores
url https://bugs.launchpad.net/glance/+bug/1235378
2
reference_url https://github.com/openstack/glance/commit/a50bfb
reference_id
reference_type
scores
url https://github.com/openstack/glance/commit/a50bfb
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726478
reference_id 726478
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726478
4
reference_url https://usn.ubuntu.com/2003-1/
reference_id USN-2003-1
reference_type
scores
url https://usn.ubuntu.com/2003-1/
fixed_packages
0
url pkg:deb/debian/glance@2013.2-1?distro=trixie
purl pkg:deb/debian/glance@2013.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2013.2-1%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2013-4428
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhfp-fr5v-qqd2
21
url VCID-zhvv-w8zn-23cj
vulnerability_id VCID-zhvv-w8zn-23cj
summary OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different vulnerability than CVE-2014-9684.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-February/000336.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-February/000336.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0938.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0938.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1881
reference_id
reference_type
scores
0
value 0.0058
scoring_system epss
scoring_elements 0.69222
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1881
3
reference_url https://bugs.launchpad.net/glance/+bug/1420696
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/glance/+bug/1420696
4
reference_url https://github.com/openstack/glance
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance
5
reference_url https://github.com/openstack/glance/commit/25a722e614eacc47e4658f0bca6343fa52f7d03f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/25a722e614eacc47e4658f0bca6343fa52f7d03f
6
reference_url https://github.com/openstack/glance/commit/78b5b0a9575cd5e9c4543ec0e8fd6072af1f0ebb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/glance/commit/78b5b0a9575cd5e9c4543ec0e8fd6072af1f0ebb
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2015-38.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2015-38.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1881
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-1881
9
reference_url http://www.securityfocus.com/bid/72694
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/72694
fixed_packages
0
url pkg:deb/debian/glance@0?distro=trixie
purl pkg:deb/debian/glance@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@0%3Fdistro=trixie
1
url pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/glance@2:21.0.0-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fyj7-ewgp-tybe
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glance@2:25.1.0-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:25.1.0-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/glance@2:30.0.0-3%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:30.0.0-3%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
purl pkg:deb/debian/glance@2:32.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:32.0.0-2%3Fdistro=trixie
aliases CVE-2015-1881, GHSA-4jp4-3c62-r8jv, PYSEC-2015-38
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhvv-w8zn-23cj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/glance@2:21.0.0-2%252Bdeb11u1%3Fdistro=trixie