Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/tripleo-heat-templates@6.0.0.0rc1
Typepypi
Namespace
Nametripleo-heat-templates
Version6.0.0.0rc1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version11.6.1
Latest_non_vulnerable_version12.0.0
Affected_by_vulnerabilities
0
url VCID-pehq-me7c-5bcg
vulnerability_id VCID-pehq-me7c-5bcg
summary 
Exposure of Sensitive Information to an Unauthorized Actor
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4180.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4180.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4180
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.37549
published_at 2026-06-05T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.37456
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4180
2
reference_url https://bugs.launchpad.net/tripleo/+bug/1955397
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/tripleo/+bug/1955397
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2035793
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2035793
4
reference_url https://github.com/openstack/tripleo-heat-templates
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/tripleo-heat-templates
5
reference_url https://github.com/openstack/tripleo-heat-templates/commit/160936df134a471cfd245bd60964046027a571ea
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/tripleo-heat-templates/commit/160936df134a471cfd245bd60964046027a571ea
6
reference_url https://github.com/openstack/tripleo-heat-templates/commit/2b9461e97fc5c4ceb0848d1cc4484f656bb85515
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/tripleo-heat-templates/commit/2b9461e97fc5c4ceb0848d1cc4484f656bb85515
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4180
reference_id CVE-2021-4180
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-4180
8
reference_url https://github.com/advisories/GHSA-hm3x-jwwf-jpr9
reference_id GHSA-hm3x-jwwf-jpr9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hm3x-jwwf-jpr9
9
reference_url https://access.redhat.com/errata/RHSA-2022:0995
reference_id RHSA-2022:0995
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0995
10
reference_url https://access.redhat.com/errata/RHSA-2022:8796
reference_id RHSA-2022:8796
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8796
fixed_packages
0
url pkg:pypi/tripleo-heat-templates@11.6.1
purl pkg:pypi/tripleo-heat-templates@11.6.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@11.6.1
1
url pkg:pypi/tripleo-heat-templates@12.0.0
purl pkg:pypi/tripleo-heat-templates@12.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@12.0.0
aliases CVE-2021-4180, GHSA-hm3x-jwwf-jpr9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pehq-me7c-5bcg
1
url VCID-vxt7-kug2-nkbh
vulnerability_id VCID-vxt7-kug2-nkbh
summary A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2214
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2214
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10898.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10898.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10898
reference_id
reference_type
scores
0
value 0.00168
scoring_system epss
scoring_elements 0.37657
published_at 2026-06-04T12:55:00Z
1
value 0.00168
scoring_system epss
scoring_elements 0.37749
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10898
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1600360
reference_id 1600360
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1600360
fixed_packages
0
url pkg:pypi/tripleo-heat-templates@8.0.3
purl pkg:pypi/tripleo-heat-templates@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pehq-me7c-5bcg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@8.0.3
aliases CVE-2018-10898, PYSEC-2018-102
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxt7-kug2-nkbh
2
url VCID-ydv5-mcqz-3yed
vulnerability_id VCID-ydv5-mcqz-3yed
summary 
Missing Authentication for Critical Function
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0602
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0602
1
reference_url https://access.redhat.com/errata/RHSA-2018:1593
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1593
2
reference_url https://access.redhat.com/errata/RHSA-2018:1627
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1627
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12155.json
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12155.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12155
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.0805
published_at 2026-06-04T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.08083
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12155
5
reference_url https://bugs.launchpad.net/tripleo/+bug/1720787
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/tripleo/+bug/1720787
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1489360
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1489360
7
reference_url https://github.com/openstack/tripleo-heat-templates
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/tripleo-heat-templates
8
reference_url https://opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4
9
reference_url https://opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12155
reference_id CVE-2017-12155
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12155
11
reference_url https://github.com/advisories/GHSA-w8gx-hhcx-px6w
reference_id GHSA-w8gx-hhcx-px6w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8gx-hhcx-px6w
fixed_packages
0
url pkg:pypi/tripleo-heat-templates@7.0.6
purl pkg:pypi/tripleo-heat-templates@7.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pehq-me7c-5bcg
1
vulnerability VCID-vxt7-kug2-nkbh
2
vulnerability VCID-ydv5-mcqz-3yed
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@7.0.6
1
url pkg:pypi/tripleo-heat-templates@8.0.0.0b1
purl pkg:pypi/tripleo-heat-templates@8.0.0.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pehq-me7c-5bcg
1
vulnerability VCID-vxt7-kug2-nkbh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@8.0.0.0b1
aliases CVE-2017-12155, GHSA-w8gx-hhcx-px6w
risk_score 3.8
exploitability 0.5
weighted_severity 7.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydv5-mcqz-3yed
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@6.0.0.0rc1