16.2

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-23	CVE-2022-3101	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in tripleo-ansible. local low complexity redhat openstack CWE-732	5.5
2023-03-23	CVE-2022-3146	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in tripleo-ansible. local low complexity redhat openstack CWE-732	5.5
2023-03-06	CVE-2022-4134	Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A flaw was found in openstack-glance. local low complexity openstack redhat CWE-829	2.8
2023-01-18	CVE-2022-3100	A flaw was found in the openstack-barbican component. network high complexity openstack redhat	5.9
2022-07-22	CVE-2022-1655	Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openstack 16.2 An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. network low complexity redhat CWE-732	6.5
2022-03-23	CVE-2021-4180	Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. network low complexity redhat openstack CWE-668	4.3
2022-02-18	CVE-2016-2124	Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. network high complexity samba debian fedoraproject redhat canonical CWE-287	5.9
2022-02-18	CVE-2020-25717	Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. network low complexity samba debian fedoraproject redhat canonical CWE-20	8.1