Vulnerabilities > Openstack

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2022-3100 Authentication Bypass by Primary Weakness vulnerability in multiple products
A flaw was found in the openstack-barbican component.
network
high complexity
openstack redhat CWE-305
5.9
2023-01-18 CVE-2022-47950 Files or Directories Accessible to External Parties vulnerability in Openstack Swift
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0.
network
low complexity
openstack CWE-552
6.5
2022-12-21 CVE-2022-38060 Improper Privilege Management vulnerability in Openstack Kolla
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618.
local
low complexity
openstack CWE-269
7.8
2022-09-01 CVE-2022-2447 Operation on a Resource after Expiration or Release vulnerability in multiple products
A flaw was found in Keystone.
network
high complexity
openstack redhat CWE-672
6.6
2022-08-29 CVE-2022-0718 Insufficiently Protected Credentials vulnerability in multiple products
A flaw was found in python-oslo-utils.
network
low complexity
openstack redhat debian CWE-522
4.9
2022-08-26 CVE-2021-3563 Incorrect Authorization vulnerability in multiple products
A flaw was found in openstack-keystone.
network
high complexity
openstack debian redhat CWE-863
7.4
2022-03-23 CVE-2021-4180 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname.
network
low complexity
redhat openstack CWE-668
4.0
2022-03-02 CVE-2021-3654 Open Redirect vulnerability in multiple products
A vulnerability was found in openstack-nova's console proxy, noVNC.
network
high complexity
openstack redhat CWE-601
4.0
2021-09-08 CVE-2021-40797 Missing Release of Resource after Effective Lifetime vulnerability in Openstack Neutron
An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1.
network
low complexity
openstack CWE-772
4.0
2021-08-31 CVE-2021-40085 An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1.
network
low complexity
openstack debian
4.0