PYSEC-2026-813
Vulnerability from pysec - Published: 2026-07-06 08:03 - Updated: 2026-07-06 08:03
VLAI
Details
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.
Impacted products
| Name | purl | glance | pkg:pypi/glance |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "glance",
"purl": "pkg:pypi/glance"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.0a0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-9623",
"GHSA-j4mh-9wq6-8rg6"
],
"details": "OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.",
"id": "PYSEC-2026-813",
"modified": "2026-07-06T08:03:25.337250Z",
"published": "2026-07-06T08:03:25.337250Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9623"
},
{
"type": "WEB",
"url": "https://github.com/openstack/glance/commit/0dc8fbb3479a53c5bba8475d14f4c7206904c5ea"
},
{
"type": "WEB",
"url": "https://github.com/openstack/glance/commit/7d5d8657fd70b20518610b3c6f8e41e16c72fa31"
},
{
"type": "WEB",
"url": "https://github.com/openstack/glance/commit/f1260cc771ee068651aa62b972bef49d9af81eb0"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/glance/+bug/1383973"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/glance/+bug/1398830"
},
{
"type": "PACKAGE",
"url": "https://github.com/openstack/glance"
},
{
"type": "WEB",
"url": "https://security.openstack.org/ossa/OSSA-2015-003.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0644.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0837.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0838.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/62165"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/01/18/4"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"type": "PACKAGE",
"url": "https://pypi.org/project/glance"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-j4mh-9wq6-8rg6"
}
],
"summary": "OpenStack Glance Bypass the storage quota and Denial of service "
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…