16.1

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-01	CVE-2022-23452	An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. network low complexity openstack redhat	4.9
2022-09-01	CVE-2022-2447	Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. network high complexity openstack redhat CWE-672	6.6
2022-08-29	CVE-2022-0718	Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. network low complexity openstack redhat debian CWE-532	4.9
2022-08-26	CVE-2021-3563	Incorrect Authorization vulnerability in multiple products A flaw was found in openstack-keystone. network high complexity openstack debian redhat CWE-863	7.4
2022-03-02	CVE-2021-3654	Open Redirect vulnerability in multiple products A vulnerability was found in openstack-nova's console proxy, noVNC. network low complexity openstack redhat CWE-601	6.1
2021-06-07	CVE-2020-1690	Unspecified vulnerability in Redhat Openstack-Selinux and Openstack Platform An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. local low complexity redhat	6.5
2021-05-28	CVE-2021-20267	A flaw was found in openstack-neutron's default Open vSwitch firewall rules. network low complexity openstack redhat	7.1
2020-07-31	CVE-2020-10731	Unspecified vulnerability in Redhat Openstack Platform 15.0/16.0/16.1 A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. network low complexity redhat critical	9.9