Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:openstack:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductOpenstack (5f097561-0894-5289-9107-231c6d9ae8f3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-2088 vulnerable 2026-06-08 06:02:41.396171 Details available
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality.
Published: 2023-05-12T00:00:00.000Z
Updated: 2025-11-04T16:09:57.798Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-4134 vulnerable 2026-06-08 05:51:36.840752 Details available
A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.
Published: 2023-03-06T00:00:00.000Z
Updated: 2025-03-06T19:53:42.138Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-3261 vulnerable 2026-06-08 05:47:19.812314 Plain-text passwords saved in /var/log/messages
MEDIUM (4.4)
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem.
Published: 2023-09-15T20:20:18.481Z
Updated: 2024-09-25T13:40:38.245Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-1655 vulnerable 2026-06-08 05:39:13.643339 Details available
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity.
Published: 2022-07-22T14:54:02.000Z
Updated: 2024-08-03T00:10:03.818Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.