CVE Catalog

CVE-2026-34881

MediumCVSS 5.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

17th percentile - higher than 17% of all known CVEs

Summary

OpenStack Glance before versions 29.1.1, 30.1.1, and 31.0.0 is vulnerable to Server-Side Request Forgery (SSRF). An authenticated user can bypass URL validation checks using HTTP redirects to access internal services. The vulnerability affects only the image import functionality, specifically the web-download and glance-download import methods, as well as the optional ovf_process plugin.

Risk Assessment

The risk involves potential scanning and attacking of internal network resources, which could lead to data leakage, privilege escalation, or disruption of other cloud services.

Recommendation

Immediately update OpenStack Glance to version 29.1.1, 30.1.1, or later. If an update is not possible, temporarily disable the image import functionality or restrict access to trusted users only.

Original NVD description (English source)

OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only glance image import functionality is affected. In particular, the web-download and glance-download import methods are subject to this vulnerability, as is the optional (not enabled by default) ovf_process image import plugin.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS