Mfedosin

**Name of the Vulnerable Software and Affected Versions** OpenStack Image Registry and Delivery Service (Glance) versions 2014.2 through 2014.2.2 **Description** The issue allows remote authenticated users to cause a denial of service, specifically disk consumption, by creating a large number of images using the task v2 API and then deleting them before the uploads finish. **Recommendations** For versions 2014.2 through 2014.2.2, consider restricting access to the task v2 API to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.