Paul-Mcmillan

**Name of the Vulnerable Software and Affected Versions** OpenStack Image Registry and Delivery Service (Glance) versions 2013.2 before 2013.2.4 OpenStack Image Registry and Delivery Service (Glance) versions icehouse before icehouse-rc2 **Description** The issue allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location. **Recommendations** For OpenStack Image Registry and Delivery Service (Glance) versions 2013.2 before 2013.2.4, update to version 2013.2.4 or later. For OpenStack Image Registry and Delivery Service (Glance) versions icehouse before icehouse-rc2, update to version icehouse-rc2 or later.