Red Hat Security Advisory 2013-0707-01 - These packages provide a service that acts as a registry for virtual machine images. An information leak flaw was found in the way Glance handled certain image requests. If caching were enabled, an authenticated user could use this flaw to obtain Glance's OpenStack Swift or Amazon Simple Storage Service credentials.
2b698bc3e63409f41d1caff8f398b1d32d1e55bb16d419834831e807857a9d21
Ubuntu Security Notice 1764-1 - Stuart McLaren discovered an issue with Glance v1 API requests. An authenticated attacker could exploit this to expose the Glance operator's Swift and/or S3 credentials via the response headers when requesting a cached image.
5f7ca5e0136683964cdafe38aa284436d2548ccb00bf399c52adc234b66f7bd6