Vulnerabilities > Redhat > Openstack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-2088 | Unspecified vulnerability in Redhat Openstack A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. | 6.5 |
| 2023-03-23 | CVE-2022-3101 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in tripleo-ansible. | 5.5 |
| 2023-03-23 | CVE-2022-3146 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in tripleo-ansible. | 5.5 |
| 2023-03-06 | CVE-2022-4134 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A flaw was found in openstack-glance. | 2.8 |
| 2023-01-18 | CVE-2022-3100 | Authentication Bypass by Primary Weakness vulnerability in multiple products A flaw was found in the openstack-barbican component. | 5.9 |
| 2022-12-21 | CVE-2022-38065 | Improper Privilege Management vulnerability in Redhat Openstack A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. | 8.8 |
| 2022-03-23 | CVE-2021-4180 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. | 4.0 |
| 2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
| 2022-03-03 | CVE-2021-3620 | Information Exposure Through an Error Message vulnerability in Redhat products A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. | 5.5 |
| 2022-02-18 | CVE-2016-2124 | Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. | 5.9 |