Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/tripleo-heat-templates@7.4.7
Typepypi
Namespace
Nametripleo-heat-templates
Version7.4.7
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version12.0.0
Latest_non_vulnerable_version12.0.0
Affected_by_vulnerabilities
0
url VCID-ydv5-mcqz-3yed
vulnerability_id VCID-ydv5-mcqz-3yed
summary 
Missing Authentication for Critical Function
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0602
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0602
1
reference_url https://access.redhat.com/errata/RHSA-2018:1593
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1593
2
reference_url https://access.redhat.com/errata/RHSA-2018:1627
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1627
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12155.json
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12155.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12155
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.08083
published_at 2026-06-05T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.08077
published_at 2026-06-07T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.08095
published_at 2026-06-06T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.0805
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12155
5
reference_url https://bugs.launchpad.net/tripleo/+bug/1720787
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/tripleo/+bug/1720787
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1489360
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1489360
7
reference_url https://github.com/openstack/tripleo-heat-templates
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/tripleo-heat-templates
8
reference_url https://opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4
9
reference_url https://opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12155
reference_id CVE-2017-12155
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12155
11
reference_url https://github.com/advisories/GHSA-w8gx-hhcx-px6w
reference_id GHSA-w8gx-hhcx-px6w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8gx-hhcx-px6w
fixed_packages
0
url pkg:pypi/tripleo-heat-templates@8.0.0.0b1
purl pkg:pypi/tripleo-heat-templates@8.0.0.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pehq-me7c-5bcg
1
vulnerability VCID-vxt7-kug2-nkbh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@8.0.0.0b1
aliases CVE-2017-12155, GHSA-w8gx-hhcx-px6w
risk_score 3.8
exploitability 0.5
weighted_severity 7.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydv5-mcqz-3yed
Fixing_vulnerabilities
Risk_score3.8
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@7.4.7