Vulnerabilities > Redhat > Openstack Platform > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-29 CVE-2022-0718 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in python-oslo-utils.
network
low complexity
openstack redhat debian CWE-532
4.9
2022-08-25 CVE-2021-3979 Improper Authentication vulnerability in multiple products
A key length flaw was found in Red Hat Ceph Storage.
network
low complexity
redhat fedoraproject CWE-287
6.5
2022-05-10 CVE-2022-0866 Incorrect Authorization vulnerability in Redhat products
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal.
network
low complexity
redhat CWE-863
5.3
2022-03-16 CVE-2021-20257 An infinite loop flaw was found in the e1000 NIC emulator of the QEMU.
local
low complexity
qemu fedoraproject redhat debian
6.5
2022-03-02 CVE-2021-3654 Open Redirect vulnerability in multiple products
A vulnerability was found in openstack-nova's console proxy, noVNC.
network
low complexity
openstack redhat CWE-601
6.1
2021-06-07 CVE-2020-1690 Unspecified vulnerability in Redhat Openstack-Selinux and Openstack Platform
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation.
local
low complexity
redhat
6.5
2021-06-02 CVE-2019-12067 NULL Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian fedoraproject redhat CWE-476
6.5
2020-11-12 CVE-2020-25658 It was found that python-rsa is vulnerable to Bleichenbacher timing attacks.
network
high complexity
python-rsa-project redhat fedoraproject
5.9