Openstack Platform

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-14	CVE-2023-1108	Infinite Loop vulnerability in multiple products A flaw was found in undertow. network low complexity redhat netapp CWE-835	7.5
2023-07-25	CVE-2023-3637	Resource Exhaustion vulnerability in Redhat Openstack Platform 13.0/16.2 An uncontrolled resource consumption flaw was found in openstack-neutron. network low complexity redhat CWE-400	6.5
2023-07-11	CVE-2023-3354	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the QEMU built-in VNC server. network low complexity qemu redhat fedoraproject CWE-476	7.5
2023-04-10	CVE-2023-1668	Always-Incorrect Control Flow Implementation vulnerability in multiple products A flaw was found in openvswitch (OVS). network low complexity cloudbase debian redhat CWE-670	8.2
2023-03-06	CVE-2022-3277	Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption flaw was found in openstack-neutron. network low complexity redhat openstack CWE-400	6.5
2023-01-18	CVE-2022-3100	Authentication Bypass by Primary Weakness vulnerability in multiple products A flaw was found in the openstack-barbican component. network high complexity openstack redhat CWE-305	5.9
2022-09-06	CVE-2022-23451	Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican. network low complexity openstack redhat CWE-863	8.1
2022-09-01	CVE-2022-23452	Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. network low complexity openstack redhat CWE-863	4.9
2022-09-01	CVE-2022-2447	Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. network high complexity openstack redhat CWE-672	6.6
2022-08-31	CVE-2022-2132	A permissive list of allowed inputs flaw was found in DPDK. network low complexity dpdk fedoraproject debian redhat	8.6