CVE-2013-1840

Priority
Description
The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and
Grizzly, when using the single-tenant Swift or S3 store, reports the
location field, which allows remote authenticated users to obtain the
operator's backend credentials via a request for a cached image.
Assigned-to
jdstrand
Notes
Package
Upstream:pending (2013.1~rc1)
More Information

Updated: 2020-01-29 19:46:41 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)