Vulnerabilities > Openstack > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-06 | CVE-2022-3277 | Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption flaw was found in openstack-neutron. | 6.5 |
| 2023-01-26 | CVE-2022-47951 | Path Traversal vulnerability in multiple products An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. | 5.7 |
| 2023-01-18 | CVE-2022-3100 | Authentication Bypass by Primary Weakness vulnerability in multiple products A flaw was found in the openstack-barbican component. | 5.9 |
| 2023-01-18 | CVE-2022-47950 | Files or Directories Accessible to External Parties vulnerability in multiple products An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. | 6.5 |
| 2022-09-01 | CVE-2022-23452 | Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. | 4.9 |
| 2022-09-01 | CVE-2022-2447 | Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. | 6.6 |
| 2022-08-29 | CVE-2022-0718 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. | 4.9 |
| 2022-03-23 | CVE-2021-4180 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. | 4.0 |
| 2022-03-02 | CVE-2021-3654 | Open Redirect vulnerability in multiple products A vulnerability was found in openstack-nova's console proxy, noVNC. | 6.1 |
| 2021-09-08 | CVE-2021-40797 | Missing Release of Resource after Effective Lifetime vulnerability in Openstack Neutron An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. | 4.0 |