Vulnerabilities > Redhat > Openstack Platform > 13.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-26 | CVE-2021-3563 | Incorrect Authorization vulnerability in multiple products A flaw was found in openstack-keystone. | 7.4 |
| 2022-08-25 | CVE-2021-3979 | Improper Authentication vulnerability in multiple products A key length flaw was found in Red Hat Ceph Storage. | 6.5 |
| 2022-08-17 | CVE-2020-14394 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. | 3.2 |
| 2022-05-10 | CVE-2022-0866 | Incorrect Authorization vulnerability in Redhat products This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. | 5.3 |
| 2022-03-16 | CVE-2021-20257 | An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. | 6.5 |
| 2021-05-28 | CVE-2021-20267 | A flaw was found in openstack-neutron's default Open vSwitch firewall rules. | 7.1 |
| 2020-12-18 | CVE-2020-27781 | Insufficiently Protected Credentials vulnerability in multiple products User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. | 7.1 |
| 2020-11-12 | CVE-2020-25658 | It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. | 5.9 |
| 2020-10-06 | CVE-2020-25743 | NULL Pointer Dereference vulnerability in multiple products hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. | 3.2 |
| 2020-09-23 | CVE-2020-14365 | A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. | 7.1 |