Vulnerabilities > Redhat > Openstack

DATE CVE VULNERABILITY TITLE RISK
2023-05-12 CVE-2023-2088 Unspecified vulnerability in Redhat Openstack
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova.
network
low complexity
redhat
6.5
2023-03-23 CVE-2022-3101 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in tripleo-ansible.
local
low complexity
redhat openstack CWE-732
5.5
2023-03-23 CVE-2022-3146 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in tripleo-ansible.
local
low complexity
redhat openstack CWE-732
5.5
2023-03-06 CVE-2022-4134 Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products
A flaw was found in openstack-glance.
local
low complexity
openstack redhat CWE-829
2.8
2023-01-18 CVE-2022-3100 A flaw was found in the openstack-barbican component.
network
high complexity
openstack redhat
5.9
2022-12-21 CVE-2022-38065 Improper Privilege Management vulnerability in Redhat Openstack
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior.
network
low complexity
redhat CWE-269
8.8
2022-07-22 CVE-2022-1655 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack 16.2
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack.
network
low complexity
redhat CWE-732
6.5
2022-03-23 CVE-2021-4180 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname.
network
low complexity
redhat openstack CWE-668
4.3
2022-03-04 CVE-2021-3656 Missing Authorization vulnerability in multiple products
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization.
local
low complexity
linux fedoraproject redhat CWE-862
8.8
2022-03-03 CVE-2021-3620 Unspecified vulnerability in Redhat products
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message.
local
low complexity
redhat
5.5