Software vulnerabilities
OpenStack is an orchestration platform written mostly in Python and runs on top of Linux-based operating systems. This orchestration platform is responsible for provisioning instances or Infrastructure as a Service to tenants in support of workloads that are required to run in a cloud environment. Therefore, OpenStack software vulnerabilities can be broken down into two main groups. The first group consists of containers, instances, or bare metal servers that OpenStack provisions and orchestrates; the second group consists of the OpenStack infrastructure environment and its hosts.
Instance software security and patching
Under OpenStack, the hypervisor creates and runs independent virtual machines or instances. These instances require software updates and patching separate from the underlying OpenStack infrastructure on which it resides. Updates to the hypervisor and underlying server operating systems do not propagate up to the active workloads and instances; therefore...