CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-8234

The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 48.0%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

http://seclists.org/oss-sec/2015/q4/303
https://bugs.launchpad.net/glance/+bug/1516031
https://wiki.openstack.org/wiki/OSSN/OSSN-0061
http://seclists.org/oss-sec/2015/q4/303
https://bugs.launchpad.net/glance/+bug/1516031
https://wiki.openstack.org/wiki/OSSN/OSSN-0061

Products affected by CVE-2015-8234

Openstack » Glance » Version: 11.0.0

cpe:2.3:a:openstack:glance:11.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8234

Products

Pricing

Contact Us