Vulnerabilities > Openstack

DATE CVE VULNERABILITY TITLE RISK
2023-03-06 CVE-2022-3277 Resource Exhaustion vulnerability in multiple products
An uncontrolled resource consumption flaw was found in openstack-neutron.
network
low complexity
redhat openstack CWE-400
6.5
2023-03-06 CVE-2022-4134 Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products
A flaw was found in openstack-glance.
local
low complexity
openstack redhat CWE-829
2.8
2023-01-26 CVE-2022-47951 Path Traversal vulnerability in multiple products
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0.
network
low complexity
openstack debian CWE-22
5.7
2023-01-18 CVE-2022-3100 A flaw was found in the openstack-barbican component.
network
high complexity
openstack redhat
5.9
2023-01-18 CVE-2022-47950 Files or Directories Accessible to External Parties vulnerability in multiple products
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0.
network
low complexity
openstack debian CWE-552
6.5
2022-12-21 CVE-2022-38060 Untrusted Search Path vulnerability in Openstack Kolla
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618.
local
low complexity
openstack CWE-426
7.8
2022-09-06 CVE-2022-23451 An authorization flaw was found in openstack-barbican.
network
low complexity
openstack redhat
8.1
2022-09-01 CVE-2022-23452 An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container.
network
low complexity
openstack redhat
4.9
2022-09-01 CVE-2022-2447 Operation on a Resource after Expiration or Release vulnerability in multiple products
A flaw was found in Keystone.
network
high complexity
openstack redhat CWE-672
6.6
2022-08-29 CVE-2022-0718 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in python-oslo-utils.
network
low complexity
openstack redhat debian CWE-532
4.9