Published: 6 March 2023
A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.
as of 2022-11-29, there is no software fix for this issue, the recommended best practices to mitigate the issue is listed in the upstream OSSN. Marking CVE as deferred.
See upstream recommendations at https://wiki.openstack.org/wiki/OSSN/OSSN-0090
Severity score breakdown