Vulnerabilities > Redhat > Openstack Platform > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-29 | CVE-2022-0718 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. | 4.9 |
| 2022-08-25 | CVE-2021-3979 | Improper Authentication vulnerability in multiple products A key length flaw was found in Red Hat Ceph Storage. | 6.5 |
| 2022-05-10 | CVE-2022-0866 | Incorrect Authorization vulnerability in Redhat products This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. | 4.3 |
| 2022-03-16 | CVE-2021-20257 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. | 6.5 |
| 2022-03-02 | CVE-2021-3654 | Open Redirect vulnerability in multiple products A vulnerability was found in openstack-nova's console proxy, noVNC. | 6.1 |
| 2021-06-07 | CVE-2020-1690 | Unspecified vulnerability in Redhat Openstack-Selinux and Openstack Platform An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. | 4.9 |
| 2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | 5.0 |
| 2020-11-12 | CVE-2020-25658 | Covert Timing Channel vulnerability in multiple products It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. | 5.9 |
| 2020-09-23 | CVE-2020-14365 | Improper Verification of Cryptographic Signature vulnerability in multiple products A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. | 6.6 |
| 2020-07-31 | CVE-2020-10731 | Unspecified vulnerability in Redhat Openstack Platform 15.0/16.0/16.1 A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. | 6.5 |