Red Hat Openstack Cinder
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Openstack Cinder.
By the Year
In 2026 there have been 0 vulnerabilities in Red Hat Openstack Cinder. Openstack Cinder did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 6.50 |
It may take a day or so for new Openstack Cinder vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Openstack Cinder Security Vulnerabilities
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0
CVE-2020-10755
6.5 - Medium
- June 10, 2020
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack project
Insufficiently Protected Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Openstack Cinder or by Red Hat? Click the Watch button to subscribe.
