First published: Sun Apr 27 2014(Updated: )
The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Openstack Icehouse | =rc-1 | |
Openstack Image Registry And Delivery Service \(glance\) | =2013.2 | |
Openstack Image Registry And Delivery Service \(glance\) | =2013.2.1 | |
Openstack Image Registry And Delivery Service \(glance\) | =2013.2.2 | |
Openstack Image Registry And Delivery Service \(glance\) | =2013.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.