Vulnerabilities > Openstack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-06 | CVE-2022-3277 | Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption flaw was found in openstack-neutron. | 6.5 |
| 2023-03-06 | CVE-2022-4134 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A flaw was found in openstack-glance. | 2.8 |
| 2023-01-26 | CVE-2022-47951 | Path Traversal vulnerability in multiple products An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. | 5.7 |
| 2023-01-18 | CVE-2022-3100 | Authentication Bypass by Primary Weakness vulnerability in multiple products A flaw was found in the openstack-barbican component. | 5.9 |
| 2023-01-18 | CVE-2022-47950 | Files or Directories Accessible to External Parties vulnerability in multiple products An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. | 6.5 |
| 2022-12-21 | CVE-2022-38060 | Improper Privilege Management vulnerability in Openstack Kolla A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. | 7.8 |
| 2022-09-06 | CVE-2022-23451 | Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican. | 8.1 |
| 2022-09-01 | CVE-2022-23452 | Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. | 4.9 |
| 2022-09-01 | CVE-2022-2447 | Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. | 6.6 |
| 2022-08-29 | CVE-2022-0718 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in python-oslo-utils. | 4.9 |