OpenStack · OpenStack Glance · CVE-2026-34881
**Name of the Vulnerable Software and Affected Versions**
OpenStack Glance versions prior to 29.1.1
OpenStack Glance versions 30.0.0 through 30.1.1
OpenStack Glance version 31.0.0
**Description**
An authenticated user can bypass URL validation checks by using HTTP redirects to reach internal services, leading to Server-Side Request Forgery (SSRF). The web-download and glance-download image import methods, as well as the ovf process image import plugin (when enabled), are affected.
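The kind of check a redirect-following download needs, as an added example (not Glance's code and not the project's fix): every hop is validated before it is requested, rather than only the URL the user submitted. The names `fetch_validated`, `validate` and `send`, the "public addresses only" policy, and the sample hosts and responses are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlsplit

class BlockedURL(Exception):
    """A hop failed validation."""

def resolve(host):
    """Every address the name resolves to (real DNS; replaced in the sample)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def validate(url, resolver=resolve):
    """Allow only http(s) URLs whose host resolves solely to public addresses."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedURL(f"scheme or host not allowed: {url}")
    addrs = resolver(parts.hostname)
    if not addrs or not all(ipaddress.ip_address(a).is_global for a in addrs):
        raise BlockedURL(f"{parts.hostname} resolves to a non-public address")
    return url

def fetch_validated(url, send, resolver=resolve, max_redirects=5):
    """Follow redirects by hand; validate each hop before requesting it.
    send(url) makes ONE request, auto-redirects off -> (status, headers, body)."""
    for _ in range(max_redirects + 1):
        validate(url, resolver)
        status, headers, body = send(url)
        if status not in (301, 302, 303, 307, 308):
            return url, status, body
        location = headers.get("Location")
        if not location:
            raise BlockedURL(f"redirect without Location from {url}")
        url = urljoin(url, location)  # Location may be relative
    raise BlockedURL("too many redirects")

# Constructed sample data: no network access is needed to run this.
SAMPLE_DNS = {"images.example.org": {"93.184.216.34"}}
SAMPLE_RESPONSES = {
    "http://images.example.org/a.img": (302, {"Location": "http://10.0.0.5/v2/images"}, b""),
    "http://images.example.org/ok.img": (302, {"Location": "/mirror/ok.img"}, b""),
    "http://images.example.org/mirror/ok.img": (200, {}, b"QFI\xfb"),
}

def sample_resolver(host):
    return SAMPLE_DNS.get(host, {host})  # IP literals resolve to themselves

def sample_send(url):
    return SAMPLE_RESPONSES[url]
```

A production client should also connect to the address that was validated, since resolving the name a second time at connect time reopens the gap.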
**Recommendations**
Update to a version of OpenStack Glance greater than or equal to 29.1.1.
Update to a version of OpenStack Glance greater than or equal to 30.1.1.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.