Denial of Service Vulnerability in OpenStack Glance by OpenStack
CVE-2015-3289

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
14 August 2015

Summary

OpenStack Glance versions prior to 2015.1.1 suffer from a vulnerability that enables remote authenticated users to exploit the import task flow API. By creating and deleting images repeatedly, these users can induce a denial of service by exhausting available disk space. This poses significant risks, particularly in environments where resource management is critical.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.