Vulnerabilities > Openstack > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-06 | CVE-2022-3277 | Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption flaw was found in openstack-neutron. | 6.5 |
| 2023-01-26 | CVE-2022-47951 | Path Traversal vulnerability in multiple products An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. | 5.7 |
| 2023-01-18 | CVE-2022-3100 | Authentication Bypass by Primary Weakness vulnerability in multiple products A flaw was found in the openstack-barbican component. | 5.9 |
| 2023-01-18 | CVE-2022-47950 | Files or Directories Accessible to External Parties vulnerability in multiple products An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. | 6.5 |
| 2022-09-01 | CVE-2022-23452 | Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. | 4.9 |
| 2022-09-01 | CVE-2022-2447 | Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. | 6.6 |
| 2022-08-29 | CVE-2022-0718 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. | 4.9 |
| 2022-08-26 | CVE-2021-3585 | Cleartext Storage of Sensitive Information vulnerability in Openstack Tripleo Heat Templates A flaw was found in openstack-tripleo-heat-templates. | 5.5 |
| 2022-03-23 | CVE-2021-4180 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. | 4.3 |
| 2022-03-02 | CVE-2021-3654 | Open Redirect vulnerability in multiple products A vulnerability was found in openstack-nova's console proxy, noVNC. | 6.1 |