CVE-2013-4354

Currently unrated

Key Information:

Vendor: Openstack
Status: Image Registry And Delivery Service \(glance\)
Vendor: CVE Published:; 23 November 2013

Summary

The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.

References

http://www.openwall.com/lists/oss-security/2013/09/19/3

mailing-listx_refsource_MLIST

https://bugs.launchpad.net/glance/+bug/1226078

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2013/09/19/2

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Nov 23, 2013
Vulnerability Reserved
Jun 12, 2013