{"id":"USN-6073-2","summary":"python-glance-store vulnerability","details":"Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly\nhandled deleted volume attachments. An authenticated user or attacker could\npossibly use this issue to gain access to sensitive information.\n\nThis update may require configuration changes to be completely effective,\nplease see the upstream advisory for more information:\n\nhttps://security.openstack.org/ossa/OSSA-2023-003.html\n","modified":"2026-02-10T04:43:07Z","published":"2023-05-11T18:16:39Z","related":["UBUNTU-CVE-2023-2088"],"upstream":["CVE-2023-2088","UBUNTU-CVE-2023-2088"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6073-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-2088"}],"affected":[{"package":{"name":"python-glance-store","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/python-glance-store@2.0.0-0ubuntu4.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0-0ubuntu4.1"}]}],"versions":["1.0.0-0ubuntu1","1.1.0-0ubuntu2","1.1.0-0ubuntu3","2.0.0-0ubuntu1","2.0.0-0ubuntu2","2.0.0-0ubuntu3","2.0.0-0ubuntu4"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"python3-glance-store","binary_version":"2.0.0-0ubuntu4.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6073-2.json","cves_map":{"cves":[],"ecosystem":"Ubuntu:20.04:LTS"}}},{"package":{"name":"python-glance-store","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/python-glance-store@3.0.0-0ubuntu1.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.0-0ubuntu1.1"}]}],"versions":["2.7.0-0ubuntu1","3.0.0-0ubuntu1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"python3-glance-store","binary_version":"3.0.0-0ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6073-2.json","cves_map":{"cves":[],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.3"}