Known Vulnerabilities for products from Openstack
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Openstack".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40683 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-40212 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2026-34881 json | OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of H... | Not Provided | 2026-03-31 | 2026-04-14 |
| CVE-2026-33551 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2024-1141 json | 5.5 - MEDIUM | 2024-02-01 | 2024-04-01 | |
| CVE-2023-1636 json | A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize... | 5 - MEDIUM | 2023-09-24 | 2023-11-07 |
| CVE-2023-1633 json | A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configur... | 5.5 - MEDIUM | 2023-09-24 | 2023-11-07 |
| CVE-2023-1625 json | An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'sta... | 5 - MEDIUM | 2023-09-24 | 2023-11-07 |
| CVE-2022-47951 json | An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before ... | 5.7 - MEDIUM | 2023-01-26 | 2023-02-06 |
| CVE-2022-47950 json | An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, a... | 6.5 - MEDIUM | 2023-01-18 | 2023-11-07 |
| CVE-2022-45582 json | Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter. | 6.1 - MEDIUM | 2023-08-22 | 2023-12-01 |
| CVE-2022-38060 json | A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfigur... | 7.8 - HIGH | 2022-12-21 | 2023-07-21 |
| CVE-2022-37394 json | An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron po... | 3.3 - LOW | 2022-08-03 | 2022-08-10 |
| CVE-2022-23452 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.9 - MEDIUM | 2022-09-01 | 2023-02-12 |
| CVE-2022-23451 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-09-06 | 2023-02-12 |
| CVE-2022-4134 json | A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromi... | 2.8 - LOW | 2023-03-06 | 2023-03-13 |
| CVE-2022-3277 json | An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to que... | 6.5 - MEDIUM | 2023-03-06 | 2023-03-13 |
| CVE-2022-3146 json | A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not su... | 5.5 - MEDIUM | 2023-03-23 | 2023-11-07 |
| CVE-2022-3101 json | A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not su... | 5.5 - MEDIUM | 2023-03-23 | 2023-11-07 |
| CVE-2022-3100 json | A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when acces... | 5.9 - MEDIUM | 2023-01-18 | 2023-01-26 |
Known software with vulnerabilities from Openstack
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Openstack | Blazar-dashboard | 0.3.0 |
| Application | Openstack | Ceilometer | 0.1 |
| Application | Openstack | Cinder | 10.0.0 |
| Operating System | Openstack | Cinder | 10.0.0 |
| Application | Openstack | Compute | - |
| Application | Openstack | Devstack | - |
| Application | Openstack | Diablo | 2011.3 |
| Application | Openstack | Essex | 2012.1 |
| Application | Openstack | Folsom | - |
| Application | Openstack | Glance | 0.1.7 |
| Application | Openstack | Grizzly | 2013.1 |
| Application | Openstack | Havana | 2013.2.1 |
| Application | Openstack | Heat | 2013.2 |
| Application | Openstack | Horizon | 10.0.1 |
| Application | Openstack | Icehouse | - |
| Application | Openstack | Image Registry And Delivery Service Glance | - |
| Application | Openstack | Ironic | 4.2.0 |
| Application | Openstack | Ironic-inspector | - |
| Application | Openstack | Juno | 2014.2 |
| Application | Openstack | Keystone | - |