Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: python314Packages.python-glanceclient

Found 1 matching suggestions

View:
Compact
Detailed
Permalink CVE-2026-34881
5.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 2 weeks, 3 days ago
OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Server-Side …

OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only glance image import functionality is affected. In particular, the web-download and glance-download import methods are subject to this vulnerability, as is the optional (not enabled by default) ovf_process image import plugin.

Affected products

Glance
  • ==31.0.0
  • <30.1.1
  • <29.1.1

Matching in nixpkgs

pkgs.glance

Self-hosted dashboard that puts all your feeds in one place

pkgs.h5glance

Explore HDF5 files in terminal & HTML views

  • nixos-unstable 0.9
    • nixpkgs-unstable 0.9
    • nixos-unstable-small 0.9
  • nixos-25.11 0.9
    • nixos-25.11-small 0.9
    • nixpkgs-25.11-darwin 0.9

Package maintainers