USN-2003-1: Glance vulnerability
23 October 2013
Glance could be made to expose sensitive information over the network under certain circumstances.
- glance - OpenStack Image Registry and Delivery Service
Stuart McLaren discovered that Glance did not properly enforce the
'download_image' policy for cached images. An authenticated user could
exploit this to obtain sensitive information in an image protected by this