High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-21	CVE-2024-8007	Improper Certificate Validation vulnerability in Redhat Openstack Platform 16.1/16.2/17.1 A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. network high complexity redhat CWE-295	8.1
2023-11-01	CVE-2023-5625	Unspecified vulnerability in Redhat products A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products. network low complexity redhat	7.5
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco	7.5
2023-09-20	CVE-2022-3596	Unspecified vulnerability in Redhat Openstack Platform 13.0 An information leak was found in OpenStack's undercloud. network low complexity redhat	7.5
2023-09-15	CVE-2022-3261	Cleartext Transmission of Sensitive Information vulnerability in Redhat Openstack Platform 16.2 A flaw was found in OpenStack. network low complexity redhat CWE-319	7.5
2023-09-14	CVE-2023-1108	Infinite Loop vulnerability in multiple products A flaw was found in undertow. network low complexity redhat netapp CWE-835	7.5
2023-07-11	CVE-2023-3354	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the QEMU built-in VNC server. network low complexity qemu redhat fedoraproject CWE-476	7.5
2023-04-10	CVE-2023-1668	Always-Incorrect Control Flow Implementation vulnerability in multiple products A flaw was found in openvswitch (OVS). network low complexity cloudbase debian redhat CWE-670	8.2
2022-09-06	CVE-2022-23451	Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican. network low complexity openstack redhat CWE-863	8.1
2022-08-31	CVE-2022-2132	A permissive list of allowed inputs flaw was found in DPDK. network low complexity dpdk fedoraproject debian redhat	8.6