Barbican

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:openstack:barbican:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorOpenstack (7b0cf974-b2b5-592e-bdf4-6953805ef02a)
ProductBarbican (2cf4f342-4f49-5e87-920e-f7b76c8776fe)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/barbican purl2cpe 2026-06-01 10:17:02.570832
pkg:deb/ubuntu/barbican purl2cpe 2026-06-01 10:17:02.570836
pkg:github/openstack/barbican purl2cpe 2026-06-01 10:17:02.570838
pkg:pypi/barbican purl2cpe 2026-06-01 10:17:02.570841
pkg:rpm/opensuse/openstack-barbican purl2cpe 2026-06-01 10:17:02.570844

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-23452 vulnerable 2026-06-03 14:46:27.464620 Details available
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
Published: 2022-09-01T20:57:45.000Z
Updated: 2024-08-03T03:43:45.996Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-23451 vulnerable 2026-06-03 14:46:27.462391 Details available
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.
Published: 2022-09-06T17:18:52.000Z
Updated: 2024-08-03T03:43:46.011Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.