CVE-2013-4428

Priority
Description
OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly
before 2013.1.4, and Havana before 2013.2, when the download_image policy
is configured, does not properly restrict access to cached images, which
allows remote authenticated users to read otherwise restricted images via
an image UUID.
Assigned-to
jdstrand
Notes
jdstrandEssex (Ubuntu 12.04 LTS) does not have the download_image
Package
Upstream:released (1:2013.2~rc2)
Patches:
Upstream:https://review.openstack.org/50860 (folsom)
Upstream:https://review.openstack.org/50103 (grizzy)
More Information

Updated: 2020-09-10 02:46:43 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)