OpenStack · OpenStack Glance · CVE-2017-7200
**Name of the Vulnerable Software and Affected Versions**
OpenStack Glance versions prior to Newton
**Description**
A Server-Side Request Forgery (SSRF) issue was discovered in OpenStack Glance that allows an attacker to perform masked network port scans through the 'copy from' feature in the Image Service API v1. An attacker can create images with a URL such as 'http://localhost:22' and use the results to enumerate internal network details. The scan is masked because it appears to originate from the Glance Image service.
**Recommendations**
For versions prior to Newton, consider disabling the 'copy from' feature in the Image Service API v1 as a temporary workaround to minimize the risk of exploitation. Restrict access to the Image Service API v1 to prevent potential attackers from creating malicious images.
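One way an operator could check whether this workaround is in place is to audit the Glance configuration files; the script below is an added example, not code from the advisory or from OpenStack. It assumes the v1 `copy_from` rule in `policy.json` and the `enable_v1_api` option in `glance-api.conf`, neither of which is named on this page, and the sample file contents are constructed.

```python
import configparser
import json

# Constructed sample file contents, not from a real deployment.
POLICY_WEAK = '{"default": "", "add_image": "", "copy_from": ""}'
POLICY_ADMIN = '{"default": "", "add_image": "", "copy_from": "role:admin"}'
CONF_V1_ON = "[DEFAULT]\nenable_v1_api = True\n"
CONF_V1_OFF = "[DEFAULT]\nenable_v1_api = False\n"


def resolve_rule(policy, name, depth=0):
    """Follow a bare 'rule:<name>' alias; a missing rule falls back to 'default'."""
    rule = policy.get(name, policy.get("default", "!"))
    if (isinstance(rule, str) and rule.startswith("rule:")
            and " " not in rule.strip() and depth < 8):
        return resolve_rule(policy, rule.strip()[len("rule:"):], depth + 1)
    return rule


def copy_from_unrestricted(policy_text):
    """True when the copy_from rule lets any authenticated user through."""
    rule = resolve_rule(json.loads(policy_text), "copy_from")
    if isinstance(rule, str):
        rule = rule.strip()
    # "" and "@" always pass in oslo.policy; [] is the legacy list form of "".
    return rule in ("", "@", [])


def v1_api_enabled(conf_text):
    """True when glance-api.conf leaves the v1 API on (assumed default: on)."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    return parser.getboolean("DEFAULT", "enable_v1_api", fallback=True)


def audit(policy_text, conf_text):
    """Return findings relevant to the CVE-2017-7200 workaround."""
    if not v1_api_enabled(conf_text):
        return []
    if copy_from_unrestricted(policy_text):
        return ["v1 'copy from' is open to every API user"]
    return ["v1 API enabled with 'copy from' restricted; limit who can reach v1"]


if __name__ == "__main__":
    for policy, conf in [(POLICY_WEAK, CONF_V1_ON), (POLICY_ADMIN, CONF_V1_ON),
                         (POLICY_WEAK, CONF_V1_OFF)]:
        print(audit(policy, conf) or ["no finding"])
```

The rule resolution is a simplification of oslo.policy: it recognises only the always-allow forms and single-alias rules, so a compound rule is reported as restricted and should be reviewed by hand.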