Server-Side Request Forgery (SSRF) vulnerability in the web-download import workflow of OpenStack Glance. The issue arises because validate_import_uri() validates only the initial URI using string-based hostname comparison, and urllib.request.urlopen() automatically follows HTTP redirects without revalidating the redirect destination. Additionally, alternative IP encodings (decimal, hexadecimal, octal representations) are not normalized prior to blacklist checks, allowing encoded internal IP addresses (e.g., 0x7f000001 for 127.0.0.1) to bypass validation. An authenticated user can supply a crafted URI that either redirects to an internal resource or directly references an encoded internal IP address, resulting in unauthorized internal network access and potential sensitive data exfiltration.
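A hardened counterpart to the two weaknesses described above, written as an added example rather than Glance's own validate_import_uri() or its fix: host literals are normalised to the address the socket layer would actually connect to before the policy check, and a redirect handler re-applies that same policy to every Location target instead of letting urlopen() follow it blindly. Function names are hypothetical, and the handling of classic IP spellings assumes a libc whose inet_aton accepts them (glibc does).

```python
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urlsplit


def _host_to_addresses(host):
    # Canonical literals parse directly. Spellings such as 0x7f000001, 2130706433
    # or 0177.0.0.1 are rejected by ipaddress but accepted by the socket layer, so
    # normalise them the way the connect would and judge the resulting 127.0.0.1.
    try:
        return [ipaddress.ip_address(host)]
    except ValueError:
        pass
    try:  # assumption: libc inet_aton accepts the classic spellings (glibc does)
        return [ipaddress.ip_address(socket.inet_aton(host))]
    except OSError:
        pass
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []  # unresolvable: fail closed
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def is_allowed_url(url):
    """Policy applied to the initial URI and again to every redirect target."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    addrs = _host_to_addresses(parts.hostname)
    for addr in addrs:
        if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
            addr = addr.ipv4_mapped  # judge ::ffff:a.b.c.d by its IPv4 part
        if not addr.is_global:  # loopback, RFC 1918, link-local 169.254/16, ...
            return False
    return bool(addrs)  # empty list (unresolvable host) fails closed


class SafeRedirectHandler(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        # Re-validate each redirect destination instead of following it blindly.
        if not is_allowed_url(newurl):
            raise urllib.error.HTTPError(newurl, code, "redirect rejected by policy", headers, fp)
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def fetch_import_uri(url, timeout=30):
    # Residual risk: DNS rebinding between this check and the actual connect.
    if not is_allowed_url(url):
        raise ValueError("import URI rejected by policy: " + url)
    return urllib.request.build_opener(SafeRedirectHandler).open(url, timeout=timeout)
```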