Vulnerabilities > Openstack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-21 | CVE-2022-38060 | Untrusted Search Path vulnerability in Openstack Kolla A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. | 7.8 |
2022-09-06 | CVE-2022-23451 | Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican. | 8.1 |
2022-08-26 | CVE-2021-3563 | Incorrect Authorization vulnerability in multiple products A flaw was found in openstack-keystone. | 7.4 |
2021-08-06 | CVE-2021-38155 | Improper Restriction of Excessive Authentication Attempts vulnerability in Openstack Keystone OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). | 7.5 |
2021-05-28 | CVE-2021-20267 | Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in openstack-neutron's default Open vSwitch firewall rules. | 7.1 |
2020-05-07 | CVE-2020-12691 | Incorrect Authorization vulnerability in multiple products An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |
2020-05-07 | CVE-2020-12690 | Insufficient Session Expiration vulnerability in Openstack Keystone An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |
2020-05-07 | CVE-2020-12689 | Improper Privilege Management vulnerability in multiple products An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |
2019-06-21 | CVE-2016-7404 | Information Exposure vulnerability in Openstack Magnum OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. | 7.5 |
2018-08-27 | CVE-2017-15139 | Information Exposure vulnerability in multiple products A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. | 7.5 |