Denial of Service Vulnerability in OpenStack Image Registry by OpenStack
CVE-2015-1881

Currently unrated

Key Information:

Vendor

Openstack
Status
Image Registry And Delivery Service \(glance\)
Vendor
CVE Published:
24 February 2015

What is CVE-2015-1881?

The OpenStack Image Registry and Delivery Service (Glance) versions 2014.2 through 2014.2.2 have a vulnerability that fails to properly manage image removal. This oversight allows remote authenticated users to exploit the system by creating a large volume of images through the task v2 API, followed by their deletion. This leads to excessive disk consumption and can disrupt service availability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.openstack.org/pipermail/openstack-announce/2...
mailing-listx_refsource_MLIST
http://rhn.redhat.com/errata/RHSA-2015-0938.html
vendor-advisoryx_refsource_REDHAT
https://bugs.launchpad.net/glance/+bug/1420696
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.