Search for packages
| purl | pkg:rpm/redhat/openstack-glance@2014.1.5-3?arch=el7ost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9sg5-tbvn-syba
Aliases: CVE-2015-5286 GHSA-gvjg-r9fv-7qx9 |
OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623. | There are no reported fixed by versions. |
|
VCID-k2u9-5g8v-bucz
Aliases: CVE-2015-5251 GHSA-q748-mcwg-xmqv |
OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:39:59.517967+00:00 | RedHat Importer | Affected by | VCID-k2u9-5g8v-bucz | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5251.json | 38.0.0 |
| 2026-04-01T14:39:58.670089+00:00 | RedHat Importer | Affected by | VCID-9sg5-tbvn-syba | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5286.json | 38.0.0 |