A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NOpenstack Glance Store
APPOpenstack< 4.7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2026-28370CRITICAL9.1PL ✓ten sam vendor
RCE w OpenStack Vitrage — wykonanie kodu przez parser zapytań API
CVE-2024-28718CRITICAL9.8PL ✓ten sam vendor
RCE w OpenStack Magnum — podatność w komponencie cert_manager.py
CVE-2021-38598CRITICAL9.1ten sam vendor
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the...
CVE-2020-26943CRITICAL9.9ten sam vendor
An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access...
CVE-2013-2166CRITICAL9.8ten sam vendor
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass