suse · CVE-2022-3100

Quick triage

Priority: high Published: 2022-09-29 23:39:31 UTC Updated: 2025-02-16 03:23:11 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-3100 severity important: SUSE including 36 source package names (openstack-barbican-5.0.2~dev3-3.17.2, openstack-barbican-7.0.1~dev24-3.17.1, …), 75 product×package rows across 5 product lines (HPE Helion OpenStack 8, SUSE OpenStack Cloud 8, … (5 product lines)): Fixed 75.

Description:

A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.

cvelogic Threat Intelligence