Skip to main content

Tripleo Heat Templates

3 CVEs product

Monthly

CVE-2018-10898 PyPI HIGH PATCH This Week

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Openstack Tripleo Heat Templates
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2015-5271 PyPI HIGH PATCH This Week

The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Openstack Tripleo Heat Templates
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-5303 PyPI HIGH PATCH This Week

The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tripleo Heat Templates
NVD
CVSS 3.0
7.5
EPSS
0.3%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Openstack Tripleo Heat Templates
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Openstack Tripleo Heat Templates
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tripleo Heat Templates
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy