Known Vulnerabilities for products from Openstack

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Openstack".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-44916 json Not Provided 2026-05-08 2026-05-11
CVE-2026-43003 json An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes g... Not Provided 2026-05-01 2026-05-04
CVE-2026-43002 json Not Provided 2026-05-05 2026-05-06
CVE-2026-43001 json An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied p... Not Provided 2026-05-01 2026-05-04
CVE-2026-42997 json Not Provided 2026-05-05 2026-05-06
CVE-2026-42510 json Not Provided 2026-04-28 2026-04-30
CVE-2026-40683 json Not Provided 2026-04-14 2026-04-14
CVE-2026-40214 json Not Provided 2026-05-07 2026-05-08
CVE-2026-40213 json Not Provided 2026-05-07 2026-05-08
CVE-2026-40212 json Not Provided 2026-04-10 2026-04-10
CVE-2026-34881 json OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of H... Not Provided 2026-03-31 2026-04-14
CVE-2024-1141 json 5.5 - MEDIUM 2024-02-01 2024-04-01
CVE-2023-1636 json A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize... 5 - MEDIUM 2023-09-24 2023-11-07
CVE-2023-1633 json A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configur... 5.5 - MEDIUM 2023-09-24 2023-11-07
CVE-2023-1625 json An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'sta... 5 - MEDIUM 2023-09-24 2023-11-07
CVE-2022-47951 json An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before ... 5.7 - MEDIUM 2023-01-26 2023-02-06
CVE-2022-47950 json An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, a... 6.5 - MEDIUM 2023-01-18 2023-11-07
CVE-2022-45582 json Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter. 6.1 - MEDIUM 2023-08-22 2023-12-01
CVE-2022-38060 json A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfigur... 7.8 - HIGH 2022-12-21 2023-07-21
CVE-2022-37394 json An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron po... 3.3 - LOW 2022-08-03 2022-08-10
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Openstack

Type Vendor Product Version
ApplicationOpenstackBlazar-dashboard0.3.0
ApplicationOpenstackCeilometer0.1
ApplicationOpenstackCinder10.0.0
Operating
System		OpenstackCinder10.0.0
ApplicationOpenstackCompute-
ApplicationOpenstackDevstack-
ApplicationOpenstackDiablo2011.3
ApplicationOpenstackEssex2012.1
ApplicationOpenstackFolsom-
ApplicationOpenstackGlance0.1.7
ApplicationOpenstackGrizzly2013.1
ApplicationOpenstackHavana2013.2.1
ApplicationOpenstackHeat2013.2
ApplicationOpenstackHorizon10.0.1
ApplicationOpenstackIcehouse-
ApplicationOpenstackImage Registry And Delivery Service Glance-
ApplicationOpenstackIronic4.2.0
ApplicationOpenstackIronic-inspector-
ApplicationOpenstackJuno2014.2
ApplicationOpenstackKeystone-
Results limited to 20 most recent known configurations