View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-3100 severity important: SUSE including 36 source package names (openstack-barbican-5.0.2~dev3-3.17.2, openstack-barbican-7.0.1~dev24-3.17.1, …), 75 product×package rows across 5 product lines (HPE Helion OpenStack 8, SUSE OpenStack Cloud 8, … (5 product lines)): Fixed 75.
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.