OpenStack Glance Inclusion of Functionality from Untrusted Control Sphere vulnerability

GHSA-5gp5-vxj6-4257 · CVE-2022-4134 · PYSEC-2023-270

Published Mar 7, 2023 · Modified Mar 6, 2025

Description

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-0757
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-4134
WEB https://bugs.launchpad.net/glance/+bug/1990157
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2147462
PACKAGE https://github.com/openstack/glance
WEB https://github.com/pypa/advisory-database/tree/main/vulns/glance/PYSEC-2023-270.yaml
WEB https://wiki.openstack.org/wiki/OSSN/OSSN-0090

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes