{"id":"GHSA-r7pj-rvwg-vxhr","summary":"OpenStack Image Registry and Delivery Service (Glance) Improper Input Validation vulnerability","details":"The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.","aliases":["CVE-2014-0162"],"modified":"2023-11-08T03:57:32.366894Z","published":"2022-05-17T04:42:42Z","database_specific":{"severity":"MODERATE","github_reviewed":true,"cwe_ids":["CWE-20"],"github_reviewed_at":"2023-02-08T19:59:42Z","nvd_published_at":"2014-04-27T20:55:00Z"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0162"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2014:0455"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2014-0162"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1085163"},{"type":"WEB","url":"https://launchpad.net/bugs/1298698"},{"type":"PACKAGE","url":"https://opendev.org/openstack/glance"},{"type":"WEB","url":"http://rhn.redhat.com/errata/RHSA-2014-0455.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2014/04/10/13"},{"type":"WEB","url":"http://www.ubuntu.com/usn/USN-2193-1"}],"affected":[{"package":{"name":"glance","ecosystem":"PyPI","purl":"pkg:pypi/glance"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2013.2"},{"fixed":"2013.2.4"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r7pj-rvwg-vxhr/GHSA-r7pj-rvwg-vxhr.json"}}],"schema_version":"1.7.3"}