An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| glance(PyPI) | 0 | 11.0.0a0 | N/A |
CVSS Metrics
