Skip to main content

Openstack Heat

3 CVEs product

Monthly

CVE-2022-36913 Maven MEDIUM This Month

Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Openstack Heat
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-36912 Maven MEDIUM This Month

A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Openstack Heat
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-36911 Maven MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Openstack Heat
NVD
CVSS 3.1
6.5
EPSS
0.4%
EPSS 0% CVSS 4.3
MEDIUM This Month

Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Openstack Heat
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Openstack Heat
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Openstack Heat
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy