Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/tripleo-heat-templates@0.8.10
Typepypi
Namespace
Nametripleo-heat-templates
Version0.8.10
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.0.3
Latest_non_vulnerable_version11.6.1
Affected_by_vulnerabilities
0
url VCID-vxt7-kug2-nkbh
vulnerability_id VCID-vxt7-kug2-nkbh
summary A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2214
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2214
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898
fixed_packages
0
url pkg:pypi/tripleo-heat-templates@8.0.3
purl pkg:pypi/tripleo-heat-templates@8.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@8.0.3
aliases CVE-2018-10898, PYSEC-2018-102
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxt7-kug2-nkbh
Fixing_vulnerabilities
0
url VCID-nv7k-zxyu-e3fz
vulnerability_id VCID-nv7k-zxyu-e3fz
summary The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter.
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:2650
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2650
1
reference_url https://bugs.launchpad.net/tripleo/+bug/1516027
reference_id
reference_type
scores
url https://bugs.launchpad.net/tripleo/+bug/1516027
2
reference_url https://github.com/openstack/tripleo-heat-templates
reference_id
reference_type
scores
url https://github.com/openstack/tripleo-heat-templates
3
reference_url https://github.com/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c
reference_id
reference_type
scores
url https://github.com/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c
4
reference_url https://github.com/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42
reference_id
reference_type
scores
url https://github.com/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tripleo-heat-templates/PYSEC-2016-35.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tripleo-heat-templates/PYSEC-2016-35.yaml
6
reference_url https://opendev.org/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c
reference_id
reference_type
scores
url https://opendev.org/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c
7
reference_url https://opendev.org/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42
reference_id
reference_type
scores
url https://opendev.org/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5303
reference_id CVE-2015-5303
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-5303
9
reference_url https://github.com/advisories/GHSA-m94p-8942-pm49
reference_id GHSA-m94p-8942-pm49
reference_type
scores
url https://github.com/advisories/GHSA-m94p-8942-pm49
fixed_packages
0
url pkg:pypi/tripleo-heat-templates@0.8.9
purl pkg:pypi/tripleo-heat-templates@0.8.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vxt7-kug2-nkbh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.8.9
1
url pkg:pypi/tripleo-heat-templates@0.8.10
purl pkg:pypi/tripleo-heat-templates@0.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vxt7-kug2-nkbh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.8.10
aliases CVE-2015-5303, GHSA-m94p-8942-pm49, PYSEC-2016-35
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nv7k-zxyu-e3fz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.8.10