Search for packages
| purl | pkg:pypi/glance@11.0.0 |
| Tags | Ghost |
| Next non-vulnerable version | 29.0.0.0b1 |
| Latest non-vulnerable version | 31.1.0 |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8drd-ce7k-57cn
Aliases: CVE-2015-8234 GHSA-wmhw-fvg9-87fc PYSEC-2017-143 |
The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision. | There are no reported fixed by versions. |
|
VCID-g1mf-hrds-bubz
Aliases: CVE-2016-0757 GHSA-5xrj-ghhp-hx7p |
OpenStack Image Service (Glance) vulnerable to Improper Access Control OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:31:31.279647+00:00 | GHSA Importer | Affected by | VCID-g1mf-hrds-bubz | https://github.com/advisories/GHSA-5xrj-ghhp-hx7p | 38.1.0 |
| 2026-04-04T14:31:23.697196+00:00 | GHSA Importer | Affected by | VCID-8drd-ce7k-57cn | https://github.com/advisories/GHSA-wmhw-fvg9-87fc | 38.1.0 |
| 2026-04-03T21:25:50.677797+00:00 | GitLab Importer | Affected by | VCID-8drd-ce7k-57cn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/glance/CVE-2015-8234.yml | 38.1.0 |
| 2026-04-03T21:25:48.493512+00:00 | GitLab Importer | Affected by | VCID-g1mf-hrds-bubz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/glance/CVE-2016-0757.yml | 38.1.0 |