Known Vulnerabilities for Openstack by Redhat

Listed below are 10 of the newest known vulnerabilities associated with "Openstack" by "Redhat".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-34881 OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redire... Not Provided 2026-03-31 2026-03-31
CVE-2021-31918 A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all use... 7.5 - HIGH 2021-05-06 2022-10-25
CVE-2021-3930 An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in m... 6.5 - MEDIUM 2022-02-18 2022-10-25
CVE-2021-3656 A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (vi... 8.8 - HIGH 2022-03-04 2023-01-19
CVE-2021-3620 A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credenti... 5.5 - MEDIUM 2022-03-03 2023-12-28
CVE-2020-1739 A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "... 3.9 - LOW 2020-03-12 2023-11-07
CVE-2020-1738 A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a ... 3.9 - LOW 2020-03-16 2023-11-07
CVE-2020-1736 A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. Thi... 3.3 - LOW 2020-03-16 2023-11-07
CVE-2020-1735 A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new pa... 4.6 - MEDIUM 2020-03-16 2023-11-07
CVE-2020-1733 A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook ... 5 - MEDIUM 2020-03-11 2023-11-07
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationRedhatOpenstack7.0AllAllAll
ApplicationRedhatOpenstack5.0AllAllAll
ApplicationRedhatOpenstack4.0AllAllAll
ApplicationRedhatOpenstack3.0AllAllAll
ApplicationRedhatOpenstack2.1AllAllAll
ApplicationRedhatOpenstack2.0AllAllAll
ApplicationRedhatOpenstack16.1AllAllAll
ApplicationRedhatOpenstack15.0AllAllAll
ApplicationRedhatOpenstack14AllAllAll
ApplicationRedhatOpenstack13.0AllAllAll
ApplicationRedhatOpenstack12AllAllAll
ApplicationRedhatOpenstack11AllAllAll
ApplicationRedhatOpenstack10AllAllAll
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report