Vulnerabilities > Openstack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-28 | CVE-2021-20267 | Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in openstack-neutron's default Open vSwitch firewall rules. | 7.1 |
| 2020-12-04 | CVE-2020-29565 | Open Redirect vulnerability in multiple products An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. | 6.1 |
| 2020-10-16 | CVE-2020-26943 | Unspecified vulnerability in Openstack Blazar-Dashboard An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. | 9.9 |
| 2020-08-26 | CVE-2020-17376 | XXE vulnerability in Openstack Nova An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. | 8.3 |
| 2020-05-07 | CVE-2020-12692 | Authentication Bypass by Capture-replay vulnerability in multiple products An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 5.4 |
| 2020-05-07 | CVE-2020-12691 | Incorrect Authorization vulnerability in multiple products An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |
| 2020-05-07 | CVE-2020-12690 | Insufficient Session Expiration vulnerability in Openstack Keystone An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |
| 2020-05-07 | CVE-2020-12689 | Improper Privilege Management vulnerability in multiple products An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |
| 2020-03-12 | CVE-2020-9543 | Incorrect Default Permissions vulnerability in Openstack Manila OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. | 8.3 |
| 2020-02-19 | CVE-2015-9543 | Information Exposure vulnerability in Openstack Nova An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. | 3.3 |