CVE-2014-9493

EPSS 0.75%

發布日:2015/1/7修改日:2026/4/28

描述

The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property.

受影響套件(1)

Debian/glancefrom 0, < 2014.1.3-6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9493