USN-2703-1: Cinder vulnerability
6 August 2015
Cinder could be made to access unintended files over the network by an authenticated user.
- cinder - OpenStack storage service
Bastian Blank discovered that Cinder guessed image formats based on
untrusted data. An attacker could use this to read arbitrary files from
the Cinder host.