CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Openstack Redhat2Barbican Openstack PlatformNov 21, 2024 Sep 24, 2023 N/A· v4 5.0 MEDIUM· v3 N/A· v2 A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespac...Show more |
2Openstack Redhat2Barbican Openstack PlatformNov 21, 2024 Sep 24, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials. |
2Openstack Redhat4Barbican OpenstackOpenstack For Ibm Power+1 moreApr 3, 2025 Jan 18, 2023 N/A· v4 5.9 MEDIUM· v3 N/A· v2 A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. |
2Openstack Redhat2Barbican Openstack PlatformNov 21, 2024 Sep 6, 2022 N/A· v4 8.1 HIGH· v3 N/A· v2 An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This...Show more |
2Openstack Redhat2Barbican Openstack PlatformNov 21, 2024 Sep 1, 2022 N/A· v4 4.9 MEDIUM· v3 N/A· v2 An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and ca...Show more |