Bug #1056420: nosetest options cause no such option errors
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Mark Washenberger
|
Bug #1057322: Image fails to upload to swift: TypeError: object of type 'CooperativeReader' has no len(
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Mark Washenberger
|
Bug #1059634: Badly named stable/folsom Glance tarballs
|
CVE-2012-4573 |
Glance
|
Invalid (unassigned)
|
Bug #1060930: Admin can update metadata of a deleted image
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Unmesh Gurjar
|
Bug #1060944: v1 API returns 200 OK when an admin deletes a deleted image
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Unmesh Gurjar
|
Bug #1065187: [OSSA-2012-017] Non-admin users can cause public glance images to be deleted
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Russell Bryant
|
Bug #1065758: No exclude option to skip tests in run_tests.sh
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Gerardo Porras
|
Bug #1071446: admins can see deleted images in v2 api
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Mark Washenberger
|
Bug #1073569: Jenkins jobs fail because of incompatibility between sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1
|
CVE-2012-4573
CVE-2012-5563
CVE-2012-5571 |
Glance
|
Fix released, assigned to Sean Dague
|
Bug #1075580: Glance image-delete HTTPInternalServerError HTTP 500
|
CVE-2012-4573 |
Glance
|
Fix released, assigned to Josh Durgin
|
Bug #1076506: [OSSA-2012-017.1] Non-admin users can cause public glance images to be deleted in the v2 api
|
CVE-2012-5482 |
Glance
|
Fix released, assigned to Mark Washenberger
|
Bug #1098962: [OSSA 2013-002] glance image-download can display backend Swift password
|
CVE-2013-0212 |
Glance
|
Fix released, assigned to Dan Prince
|
Bug #1135541: [OSSA 2013-007] v1 api returns location as header for cached images
|
CVE-2013-1840 |
Glance
|
Fix released, assigned to Stuart McLaren
|
Bug #1177924: Use testr instead of nose as the unittest runner.
|
CVE-2016-0738 |
Glance
|
Fix released (unassigned)
|
Bug #1226078: Glance allows user to create images and add other tenants as members (CVE-2013-4354)
|
CVE-2013-4354 |
Glance
|
Invalid (unassigned)
|
Bug #1235378: [OSSA 2013-027] 'image_download' role in v2 causes traceback
|
CVE-2013-4428 |
Glance
|
Fix released, assigned to Zhi Yan Liu
|
Bug #1275062: [OSSA 2014-004] sensitive info in image location is logged when authentication to single tenant swift store fails (CVE-2014-1948)
|
CVE-2014-1948 |
Glance
|
Fix released, assigned to Nikhil Komawar
|
Bug #1298698: [OSSA 2014-012] Remote Code Execution in Sheepdog backend (CVE-2014-0162)
|
CVE-2014-0162 |
Glance
|
Fix released, assigned to Zhi Yan Liu
|
Bug #1400966: [OSSA-2014-041] Glance allows users to download and delete any file in glance-api server (CVE-2014-9493)
|
CVE-2014-9493 |
Glance
|
Fix released, assigned to Grant Murphy
|
Bug #1408663: [OSSA-2015-002] Glance still allows users to download and delete any file in glance-api server (CVE-2015-1195)
|
CVE-2014-9493 |
Glance
|
Fix released, assigned to Grant Murphy
|
Bug #1449062: [OSSA 2016-012] qemu-img calls need to be restricted by ulimit (CVE-2015-5162)
|
CVE-2015-1850
CVE-2015-1851
CVE-2015-5162 |
Glance
|
Fix released, assigned to Hemanth Makkapati
|
Bug #1454087: Image data stays in store if image is deleted after creating image using import task (CVE-2015-3289)
|
CVE-2015-3289 |
Glance
|
Fix released (unassigned)
|
Bug #1471912: [OSSA 2015-014] Format-guessing and file disclosure via image conversion (CVE-2015-5163)
|
CVE-2015-5163 |
Glance
|
Fix released, assigned to Flavio Percoco
|
Bug #1482371: [OSSA 2015-019] Image status can be changed by passing header 'x-image-meta-status' with PUT operation using v1 (CVE-2015-5251)
|
CVE-2015-5251 |
Glance
|
Fix released, assigned to Stuart McLaren
|
Bug #1498163: [OSSA 2015-020] Glance storage quota bypass when token is expired (CVE-2015-5286)
|
CVE-2015-5286 |
Glance
|
Fix released, assigned to Mike Fedosin
|
Bug #1525915: [OSSA 2016-006] Normal user can change image status if show_multiple_locations has been set to true (CVE-2016-0757)
|
CVE-2016-0757 |
Glance
|
Fix released, assigned to Erno Kuvaja
|
Bug #1545092: Images v2 api image-create vulnerability
|
CVE-2016-8611 |
Glance
|
Opinion (unassigned)
|
Bug #1996188: [OSSA-2023-002] Arbitrary file access through custom VMDK flat descriptor (CVE-2022-47951)
|
CVE-2022-47951 |
Glance
|
Fix released, assigned to Dan Smith
|