The copy_from feature in Image Service API v1 allowed an attacker to perform masked network port scans. It was possible to create images with a URL such as 'http://localhost:22'. This allowed an attacker to enumerate internal network details while remaining masked, since the scan appeared to originate from the Glance image service.
External References:
https://wiki.openstack.org/wiki/OSSN/OSSN-0078
https://bugs.launchpad.net/ossn/+bug/1606495
https://bugs.launchpad.net/ossn/+bug/1153614
Statement: Because the Image Service API v1 was deprecated in Newton and because a workaround is possible, no fix is being made available. For impacted products and the recommended mitigation, see the Knowledge Base article for this issue: https://access.redhat.com/security/vulnerabilities/2999581