Attack Complexity Low
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-DEBIAN10-GLANCE-313224
- published 13 Apr 2016
- disclosed 13 Apr 2016
Introduced: 13 Apr 2016CVE-2016-0757 Open this link in a new tab
CWE-284 Open this link in a new tab
How to fix?
glance to version 2:12.0.0-1 or higher.
Note: Versions mentioned in the description apply only to the upstream
glance package and not the
glance package as distributed by
How to fix? for
Debian:10 relevant fixed versions and status.
OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image.