CVE-2023-1636

Source
https://cve.org/CVERecord?id=CVE-2023-1636
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1636.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-1636
Aliases
Published
2023-09-24T00:09:03.770Z
Modified
2026-07-08T07:02:53.234073939Z
Severity
  • 6.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
Summary
Incomplete container isolation
Details

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1636.json",
    "cna_assigner": "redhat",
    "cwe_ids": [
        "CWE-653"
    ]
}
References

Affected packages

Git / github.com/openstack/barbican

Affected ranges

Type
GIT
Repo
https://github.com/openstack/barbican
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "17.0"
        },
        {
            "last_affected": "17.0"
        }
    ]
}

Affected versions

17.*
17.0
17.0.0
17.0.0.0rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1636.json"