CVE-2016-4383

Priority
Description
The glance-manage db in all versions of HPE Helion Openstack Glance allows
deleted image ids to be reassigned, which allows remote authenticated users
to cause other users to boot into a modified image without notification of
the change.
Notes
mdeslaurThere is no fix for this issue, it is a documented shortcoming
see upstream advisory for recommended actions
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored
More Information

Updated: 2020-01-29 19:55:41 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)