{"id":"CVE-2015-5251","details":"OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.","aliases":["GHSA-q748-mcwg-xmqv"],"modified":"2026-04-10T03:45:21.384419Z","published":"2015-10-26T17:59:06Z","related":["SUSE-SU-2016:0101-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-1897.html"},{"type":"ADVISORY","url":"https://security.openstack.org/ossa/OSSA-2015-019.html"},{"type":"WEB","url":"https://bugs.launchpad.net/bugs/1482371"}],"schema_version":"1.7.5"}