CVE-2016-0757

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-0757

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0757.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-0757

Aliases

GHSA-5xrj-ghhp-hx7p

Related

Published

2016-04-13T17:59:09Z

Modified

2025-01-14T06:13:40.903015Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when showmultiplelocations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image.

References

Affected packages

Debian:11 / glance

Package

Name: glance
Purl: pkg:deb/debian/glance?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:12.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / glance

Package

Name: glance
Purl: pkg:deb/debian/glance?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:12.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / glance

Package

Name: glance
Purl: pkg:deb/debian/glance?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:12.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/openstack/glance

Affected ranges

Type: GIT
Repo: https://github.com/openstack/glance
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0303c5c3e43da29501b8b26c82e5a0cc9b7a3ed7

Last affected

69516fad5f651a085a047a337a05c58b39023c1b

Last affected

7296a5302b00bd066ddf6b14c7d5a9afb3b88e70

Affected versions

0.*

0.1.7

11.*

11.0.0

11.0.0.0b1

11.0.0.0b2

11.0.0.0b3

11.0.0.0rc1

11.0.0.0rc2

11.0.0.0rc3

11.0.0a0

2011.*

2011.2

2013.*

2013.1.g3

2013.1.rc1

2013.2.b1

2013.2.b2

2013.2.rc1

2014.*

2014.1.b1

2014.1.b2

2014.1.b3

2014.1.rc1

2014.2

2014.2.b1

2014.2.b2

2014.2.b3

2014.2.rc1

2014.2.rc2

2014.2.rc3

2015.*

2015.1.0

2015.1.0b1

2015.1.0b2

2015.1.0b3

2015.1.0rc1

2015.1.0rc2

Other

essex-1

essex-3

folsom-2

folsom-3

grizzly-1

grizzly-2