Vulnerabilities > Redhat > Openstack Platform
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-29 | CVE-2022-0718 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. | 4.9 |
2022-08-26 | CVE-2021-3563 | Incorrect Authorization vulnerability in multiple products A flaw was found in openstack-keystone. | 7.4 |
2022-08-25 | CVE-2021-3979 | Improper Authentication vulnerability in multiple products A key length flaw was found in Red Hat Ceph Storage. | 6.5 |
2022-08-17 | CVE-2020-14394 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. | 3.2 |
2022-05-10 | CVE-2022-0866 | Incorrect Authorization vulnerability in Redhat products This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. | 5.3 |
2022-03-16 | CVE-2021-20257 | An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. | 6.5 |
2022-03-02 | CVE-2021-3654 | Open Redirect vulnerability in multiple products A vulnerability was found in openstack-nova's console proxy, noVNC. | 6.1 |
2021-06-07 | CVE-2020-1690 | Unspecified vulnerability in Redhat Openstack-Selinux and Openstack Platform An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. | 6.5 |
2021-06-02 | CVE-2019-12067 | NULL Pointer Dereference vulnerability in multiple products The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. | 6.5 |
2021-05-28 | CVE-2021-20267 | A flaw was found in openstack-neutron's default Open vSwitch firewall rules. | 7.1 |