CVE-2015-5251 glance

Metadata

medium
5.5
glance
CVE-2015-5251
2017-11-10 05:03
CVE-2015-5251
2017-08-20 17:03
2017-06-18 07:04
2017-06-16 19:15
2017-04-01 19:11
2017-01-05 20:16

Description

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster glance 1:11.0.0-1
jessie glance 2014.1.3-12+deb8u1
sid glance 1:11.0.0-1
stretch glance 1:11.0.0-1
wheezy glance None