LOW 2.8

PYSEC-2023-270

Details

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / glance

Introduced in: 0

No fixed version published yet for glance (pip). Pin to a known-safe version or switch to an alternative.

References

https://wiki.openstack.org/wiki/OSSN/OSSN-0090 [ADVISORY]
https://bugzilla.redhat.com/show_bug.cgi?id=2147462 [REPORT]
https://bugs.launchpad.net/glance/+bug/1990157 [REPORT]