cbcvebase.
CVE-2015-1881
published 2015-02-24

CVE-2015-1881: OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to…

medium4CVSS 3.1
AVNACLAuSCNINAP
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different vulnerability than CVE-2014-9684.

Affected

5 ranges
VendorProductVersion rangeFixed in
debianglance
glance_projectglance>= 0 < 11.0.0a011.0.0a0
openstackimage_registry_and_delivery_service
openstackimage_registry_and_delivery_service
openstackimage_registry_and_delivery_service

CVSS provenance

nvd4.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
ghsa4.0MEDIUM
osv4.0MEDIUM