Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/tripleo-heat-templates@11.5.0

Type pypi

Namespace

Name tripleo-heat-templates

Version 11.5.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 11.6.1

Latest_non_vulnerable_version 12.0.0

Affected_by_vulnerabilities

url VCID-pehq-me7c-5bcg

vulnerability_id VCID-pehq-me7c-5bcg

summary

Exposure of Sensitive Information to an Unauthorized Actor
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4180.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-4180

reference_id

reference_type

scores

value	0.00167
scoring_system	epss
scoring_elements	0.37553
published_at	2026-06-06T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37456
published_at	2026-06-04T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37549
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-4180

reference_url

https://bugs.launchpad.net/tripleo/+bug/1955397

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/tripleo/+bug/1955397

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2035793

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2035793

reference_url

https://github.com/openstack/tripleo-heat-templates

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates

reference_url

https://github.com/openstack/tripleo-heat-templates/commit/160936df134a471cfd245bd60964046027a571ea

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates/commit/160936df134a471cfd245bd60964046027a571ea

reference_url

https://github.com/openstack/tripleo-heat-templates/commit/2b9461e97fc5c4ceb0848d1cc4484f656bb85515

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates/commit/2b9461e97fc5c4ceb0848d1cc4484f656bb85515

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-4180

reference_id

CVE-2021-4180

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-4180

reference_url

https://github.com/advisories/GHSA-hm3x-jwwf-jpr9

reference_id

GHSA-hm3x-jwwf-jpr9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hm3x-jwwf-jpr9

reference_url	https://access.redhat.com/errata/RHSA-2022:0995
reference_id	RHSA-2022:0995
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0995

reference_url	https://access.redhat.com/errata/RHSA-2022:8796
reference_id	RHSA-2022:8796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8796

fixed_packages

url	pkg:pypi/tripleo-heat-templates@11.6.1
purl	pkg:pypi/tripleo-heat-templates@11.6.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@11.6.1

url	pkg:pypi/tripleo-heat-templates@12.0.0
purl	pkg:pypi/tripleo-heat-templates@12.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@12.0.0

aliases CVE-2021-4180, GHSA-hm3x-jwwf-jpr9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pehq-me7c-5bcg

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@11.5.0

Package Instance