VulnerableCode Package Details - pkg:deb/debian/glance@1:11.0.0-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9sg5-tbvn-syba	OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623.	CVE-2015-5286 GHSA-gvjg-r9fv-7qx9
VCID-k2u9-5g8v-bucz	OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.	CVE-2015-5251 GHSA-q748-mcwg-xmqv

Vulnerability

Summary

Aliases

VCID-9sg5-tbvn-syba

OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623.

CVE-2015-5286
GHSA-gvjg-r9fv-7qx9

VCID-k2u9-5g8v-bucz

OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.

CVE-2015-5251
GHSA-q748-mcwg-xmqv

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:18:49.757720+00:00	Debian Importer	Fixing	VCID-9sg5-tbvn-syba	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:15:15.107385+00:00	Debian Importer	Fixing	VCID-k2u9-5g8v-bucz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:36:57.287000+00:00	Debian Importer	Fixing	VCID-k2u9-5g8v-bucz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:56:30.939410+00:00	Debian Importer	Fixing	VCID-9sg5-tbvn-syba	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:25:14.140893+00:00	Debian Importer	Fixing	VCID-9sg5-tbvn-syba	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:25:14.089020+00:00	Debian Importer	Fixing	VCID-k2u9-5g8v-bucz	https://security-tracker.debian.org/tracker/data/json	38.1.0