Openstack

259 tracked vulnerabilities.

CVE-2026-28370 CRITICAL
OpenStack Vitrage <12.0.1,13.0.0,14.0.0,15.0.0 - Code Injection
Feb 27, 2026
CVSS 9.1
EPSS 0.00
CVE-2024-7319 MEDIUM
Openstack Heat - Information Disclosure
Aug 02, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-40767 MEDIUM
OpenStack Nova <27.4.1,28.2.1,29.1.1 - Info Disclosure
Jul 24, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-32498 MEDIUM
OpenStack <24.0.0, <28.0.2, <29.0.3 - Info Disclosure
Jul 05, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-28718 CRITICAL
Openstack Magnum < 14.1.2 - TOCTOU Race Condition
Apr 12, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-29156 MEDIUM
OpenStack Murano <16.0.0 - Info Disclosure
Mar 18, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-1141 MEDIUM
python-glance-store - Info Disclosure
Feb 01, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-1636 MEDIUM
OpenStack Barbican - Privilege Escalation
Sep 24, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-1633 MEDIUM
OpenStack Barbican - Info Disclosure
Sep 24, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-1625 HIGH
OpenStack heat - Info Disclosure
Sep 24, 2023
CVSS 7.4
EPSS 0.00
CVE-2022-45582 MEDIUM
Openstack Horizon < 20.1.4 - Open Redirect
Aug 22, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-3146 MEDIUM
Openstack Tripleo Ansible - Path Traversal
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-3101 MEDIUM
Openstack Tripleo Ansible - Path Traversal
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-4134 LOW
openstack-glance - Privilege Escalation
Mar 06, 2023
CVSS 2.8
EPSS 0.00
CVE-2022-3277 MEDIUM
Openstack-Neutron - DoS
Mar 06, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-47951 MEDIUM
Openstack Cinder < 19.1.2 - Path Traversal
Jan 26, 2023
CVSS 5.7
EPSS 0.01
CVE-2022-47950 MEDIUM
OpenStack Swift <2.28.1-2.30.0 - Info Disclosure
Jan 18, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-3100 MEDIUM
OpenStack Barbican - Auth Bypass
Jan 18, 2023
CVSS 5.9
EPSS 0.00
CVE-2022-38060 HIGH
OpenStack Kolla - Privilege Escalation
Dec 21, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-23451 HIGH
Openstack Barbican < 14.0.0 - Incorrect Authorization
Sep 06, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-2447 MEDIUM
Keystone - Info Disclosure
Sep 01, 2022
CVSS 6.6
EPSS 0.01
CVE-2022-23452 MEDIUM
Openstack Barbican < 14.0.0 - Incorrect Authorization
Sep 01, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-0718 MEDIUM
Python Oslo-Utils - Info Disclosure
Aug 29, 2022
CVSS 4.9
EPSS 0.00
CVE-2021-3585 MEDIUM
openstack-tripleo-heat-templates - Info Disclosure
Aug 26, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-3563 HIGH
OpenStack Keystone - Auth Bypass
Aug 26, 2022
CVSS 7.4
EPSS 0.00
Products
keystone 38 nova 38 folsom 25 neutron 25 horizon 22 essex 15 image_registry_and_delivery_service_\(glance\) 15 grizzly 14 swift 13 compute 12 havana 11 glance 11 cinder 9 python-keystoneclient 7 heat 7 barbican 5 tripleo_heat_templates 5 icehouse 4 trove 3 keystonemiddleware 3 keystone_essex 2 oslo 2 ceilometer 2 cloud_magnum_orchestration 2 diablo 2 octavia 2 tripleo_ansible 2 designate 2 murano 2 magnum 2
Quick Filters
Critical CVEs With Exploits In CISA KEV