Vulnerabilities > Redhat > Openstack
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-12 | CVE-2023-2088 | Unspecified vulnerability in Redhat Openstack A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. | 6.5 |
2023-03-23 | CVE-2022-3101 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in tripleo-ansible. | 5.5 |
2023-03-23 | CVE-2022-3146 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in tripleo-ansible. | 5.5 |
2023-03-06 | CVE-2022-4134 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A flaw was found in openstack-glance. | 2.8 |
2023-01-18 | CVE-2022-3100 | A flaw was found in the openstack-barbican component. | 5.9 |
2022-12-21 | CVE-2022-38065 | Improper Privilege Management vulnerability in Redhat Openstack A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. | 8.8 |
2022-07-22 | CVE-2022-1655 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack 16.2 An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. | 6.5 |
2022-03-23 | CVE-2021-4180 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. | 4.3 |
2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
2022-03-03 | CVE-2021-3620 | Unspecified vulnerability in Redhat products A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. | 5.5 |