Every CVE whose affected-product data names Openstack Glance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2015-5162 — CVSS 7.5 (high): The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does…
CVE-2024-32498 — CVSS 6.5 (medium): An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur…
CVE-2017-7200 — CVSS 5.8 (medium): An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to…
CVE-2022-47951 — CVSS 5.7 (medium): An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and…
CVE-2015-8234 — CVSS 5.5 (medium): The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted…
CVE-2026-34881 — CVSS 5.0 (medium): OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects…
CVE-2016-8611 — CVSS 4.3 (medium): A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST…
CVE-2015-3289 — CVSS 4.0 (medium): OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated users to cause a denial of service (disk consumption) by repeatedly…
CVE-2013-1840 — CVSS 3.5 (low): The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the…
CVE-2015-5163 — CVSS 3.5 (low): The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote…
CVE-2013-4428 — CVSS 3.5 (low): OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image…
CVE-2022-4134 — CVSS 2.8 (low): A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the…