GHSA-mc26-q38v-83gv · Severity: medium · Ecosystem: pip — OpenStack Glance is affected by Server-Side Request Forgery (SSRF)
OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only glance image import functionality is affected. In particular, the web-download and glance-download import methods are subject to this vulnerability, as is the optional (not enabled by default) ovf_process image import plugin.
Conclusion & alert: CVE-2026-34881 is rated Exploit Available (50/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.26%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-30 | 0.20% | 0.26% | +0.06% |
| 2 | 2026-06-15 | 0.04% | 0.20% | +0.16% |
| 3 | 2026-05-25 | — | 0.04% | — |
Full EPSS history (5 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.0 | 3.1 | MEDIUM |
|
3.1 | 1.4 | [email protected] |
| 7.1 | 3.1 | HIGH |
|
2.8 | 4.2 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c |
GHSA-mc26-q38v-83gv · Severity: medium · Ecosystem: pip — OpenStack Glance is affected by Server-Side Request Forgery (SSRF)
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2026-34881 not yet assigned priority: Debian including 1 source packages (glance), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 4, open 1. | https://security-tracker.debian.org/tracker/CVE-2026-34881 |
redhat
|
medium | — | https://access.redhat.com/security/cve/CVE-2026-34881 |
ubuntu
|
medium | CVE-2026-34881 medium priority: Ubuntu including 1 source packages (glance), 8 status rows across 8 suites (bionic, focal, jammy, noble, questing, resolute, upstream, xenial): not-affected 5, released 3. | https://ubuntu.com/security/CVE-2026-34881 |
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/glance/+bug/2138602 | Exploit Issue Tracking Third Party Advisory |
| https://security.openstack.org/ossa/OSSA-2026-004.html | Patch Vendor Advisory |
| https://access.redhat.com/security/cve/CVE-2026-34881 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2440368 | |
| https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34881.json |