Alexei Galkin

**Name of the Vulnerable Software and Affected Versions** OpenStack Image Service (Glance) versions prior to 2014.2.4 (juno) OpenStack Image Service (Glance) versions prior to 2015.1.2 (kilo) **Description** The issue allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. **Recommendations** For versions prior to 2014.2.4 (juno), update to version 2014.2.4 or later. For versions prior to 2015.1.2 (kilo), update to version 2015.1.2 or later.