PYSEC-2017-143

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/glance/PYSEC-2017-143.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/PYSEC-2017-143
Aliases
Published
2017-03-29T14:59:00Z
Modified
2024-11-25T22:42:41.144044Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision.

References

Affected packages

PyPI / glance

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
11.0.0