Vulnerabilities > Redhat > Openstack Platform

DATE CVE VULNERABILITY TITLE RISK
2022-08-29 CVE-2022-0718 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in python-oslo-utils.
network
low complexity
openstack redhat debian CWE-532
4.9
2022-08-26 CVE-2021-3563 Incorrect Authorization vulnerability in multiple products
A flaw was found in openstack-keystone.
network
high complexity
openstack debian redhat CWE-863
7.4
2022-08-25 CVE-2021-3979 Improper Authentication vulnerability in multiple products
A key length flaw was found in Red Hat Ceph Storage.
network
low complexity
redhat fedoraproject CWE-287
6.5
2022-08-17 CVE-2020-14394 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring.
local
low complexity
qemu fedoraproject redhat CWE-835
3.2
2022-05-10 CVE-2022-0866 Incorrect Authorization vulnerability in Redhat products
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal.
network
low complexity
redhat CWE-863
5.3
2022-03-16 CVE-2021-20257 An infinite loop flaw was found in the e1000 NIC emulator of the QEMU.
local
low complexity
qemu fedoraproject redhat debian
6.5
2022-03-02 CVE-2021-3654 Open Redirect vulnerability in multiple products
A vulnerability was found in openstack-nova's console proxy, noVNC.
network
low complexity
openstack redhat CWE-601
6.1
2021-06-07 CVE-2020-1690 Unspecified vulnerability in Redhat Openstack-Selinux and Openstack Platform
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation.
local
low complexity
redhat
6.5
2021-06-02 CVE-2019-12067 NULL Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian fedoraproject redhat CWE-476
6.5
2021-05-28 CVE-2021-20267 A flaw was found in openstack-neutron's default Open vSwitch firewall rules.
network
low complexity
openstack redhat
7.1