Vulnerability Description
OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only glance image import functionality is affected. In particular, the web-download and glance-download import methods are subject to this vulnerability, as is the optional (not enabled by default) ovf_process image import plugin.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openstack | Glance | < 29.1.1 |
Related Weaknesses (CWE)
References
- https://bugs.launchpad.net/glance/+bug/2138602ExploitIssue TrackingThird Party Advisory
- https://security.openstack.org/ossa/OSSA-2026-004.htmlPatchVendor Advisory
- https://bugs.launchpad.net/glance/+bug/2138602ExploitIssue TrackingThird Party Advisory
FAQ
What is CVE-2026-34881?
CVE-2026-34881 is a vulnerability with a CVSS score of 5.0 (MEDIUM). OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and r...
How severe is CVE-2026-34881?
CVE-2026-34881 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-34881?
Check the references section above for vendor advisories and patch information. Affected products include: Openstack Glance.