Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/tripleo-heat-templates@0.7.0

Type pypi

Namespace

Name tripleo-heat-templates

Version 0.7.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 12.0.0

Latest_non_vulnerable_version 12.0.0

Affected_by_vulnerabilities

url VCID-3m4n-mdyh-ffbn

vulnerability_id VCID-3m4n-mdyh-ffbn

summary The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.

references

reference_url

https://access.redhat.com/errata/RHSA-2015:1862

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2015:1862

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5271.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5271.json

reference_url

https://access.redhat.com/security/cve/CVE-2015-5271

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2015-5271

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5271

reference_id

reference_type

scores

value	0.00342
scoring_system	epss
scoring_elements	0.57255
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5271

reference_url

https://bugs.launchpad.net/tripleo/+bug/1494896

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/tripleo/+bug/1494896

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1261697

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1261697

reference_url	https://github.com/advisories/GHSA-8936-44gw-7664
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-8936-44gw-7664

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tripleo-heat-templates/PYSEC-2016-34.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tripleo-heat-templates/PYSEC-2016-34.yaml

reference_url

https://git.openstack.org/cgit/openstack/tripleo-heat-templates

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://git.openstack.org/cgit/openstack/tripleo-heat-templates

reference_url

https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=1730d95acdbee7c7bbcfe1eba8a48ef2b0cc1476

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=1730d95acdbee7c7bbcfe1eba8a48ef2b0cc1476

reference_url

https://launchpadlibrarian.net/217268516/CVE-2015-5271_puppet-swift.patch

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://launchpadlibrarian.net/217268516/CVE-2015-5271_puppet-swift.patch

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5271

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5271

reference_url

https://review.openstack.org/226541

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://review.openstack.org/226541

fixed_packages

url pkg:pypi/tripleo-heat-templates@0.8.7

purl pkg:pypi/tripleo-heat-templates@0.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cc8y-yuq6-skhj

vulnerability	VCID-x7cw-9zxz-kba2

vulnerability	VCID-xtn8-x2x9-4ya8

vulnerability	VCID-zdf2-3ahs-7kge

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.8.7

aliases CVE-2015-5271, GHSA-8936-44gw-7664, PYSEC-2016-34

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3m4n-mdyh-ffbn

url VCID-cc8y-yuq6-skhj

vulnerability_id VCID-cc8y-yuq6-skhj

summary Openstack tripleo-heat-templates unauthenticated file access

references

reference_url

https://access.redhat.com/errata/RHSA-2018:0602

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0602

reference_url

https://access.redhat.com/errata/RHSA-2018:1593

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1593

reference_url

https://access.redhat.com/errata/RHSA-2018:1627

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1627

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12155.json

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12155.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12155

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.08088
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12155

reference_url

https://bugs.launchpad.net/tripleo/+bug/1720787

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/tripleo/+bug/1720787

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1489360

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1489360

reference_url

https://github.com/openstack/tripleo-heat-templates

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates

reference_url

https://opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4

reference_url

https://opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-12155

reference_id

CVE-2017-12155

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-12155

reference_url

https://github.com/advisories/GHSA-w8gx-hhcx-px6w

reference_id

GHSA-w8gx-hhcx-px6w

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w8gx-hhcx-px6w

fixed_packages

url pkg:pypi/tripleo-heat-templates@7.0.6

purl pkg:pypi/tripleo-heat-templates@7.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cc8y-yuq6-skhj

vulnerability	VCID-xtn8-x2x9-4ya8

vulnerability	VCID-zdf2-3ahs-7kge

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@7.0.6

url pkg:pypi/tripleo-heat-templates@8.0.0.0b1

purl pkg:pypi/tripleo-heat-templates@8.0.0.0b1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xtn8-x2x9-4ya8

vulnerability	VCID-zdf2-3ahs-7kge

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@8.0.0.0b1

aliases CVE-2017-12155, GHSA-w8gx-hhcx-px6w

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cc8y-yuq6-skhj

url VCID-x7cw-9zxz-kba2

vulnerability_id VCID-x7cw-9zxz-kba2

summary The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter.

references

reference_url

https://access.redhat.com/errata/RHSA-2015:2650

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2015:2650

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5303.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5303.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5303

reference_id

reference_type

scores

value	0.00326
scoring_system	epss
scoring_elements	0.56001
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5303

reference_url

https://bugs.launchpad.net/tripleo/+bug/1516027

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/tripleo/+bug/1516027

reference_url	https://github.com/advisories/GHSA-m94p-8942-pm49
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-m94p-8942-pm49

reference_url

https://github.com/openstack/tripleo-heat-templates

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates

reference_url

https://github.com/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c

reference_url

https://github.com/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tripleo-heat-templates/PYSEC-2016-35.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tripleo-heat-templates/PYSEC-2016-35.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5303

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5303

reference_url

https://opendev.org/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://opendev.org/openstack/tripleo-heat-templates/commit/1a0c7d97165c1b38dc9f78b82ac6ec8519fcf80c

reference_url

https://opendev.org/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://opendev.org/openstack/tripleo-heat-templates/commit/293f19b2a41386e1eea47a9e6add24b006c69c42

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1272297
reference_id	1272297
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1272297

fixed_packages

url pkg:pypi/tripleo-heat-templates@0.8.9

purl pkg:pypi/tripleo-heat-templates@0.8.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cc8y-yuq6-skhj

vulnerability	VCID-x7cw-9zxz-kba2

vulnerability	VCID-xtn8-x2x9-4ya8

vulnerability	VCID-zdf2-3ahs-7kge

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.8.9

url pkg:pypi/tripleo-heat-templates@0.8.10

purl pkg:pypi/tripleo-heat-templates@0.8.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cc8y-yuq6-skhj

vulnerability	VCID-xtn8-x2x9-4ya8

vulnerability	VCID-zdf2-3ahs-7kge

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.8.10

aliases CVE-2015-5303, GHSA-m94p-8942-pm49, PYSEC-2016-35

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x7cw-9zxz-kba2

url VCID-xtn8-x2x9-4ya8

vulnerability_id VCID-xtn8-x2x9-4ya8

summary Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4180.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-4180

reference_id

reference_type

scores

value	0.00167
scoring_system	epss
scoring_elements	0.37541
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-4180

reference_url

https://bugs.launchpad.net/tripleo/+bug/1955397

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.launchpad.net/tripleo/+bug/1955397

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2035793

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2035793

reference_url

https://github.com/openstack/tripleo-heat-templates

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates

reference_url

https://github.com/openstack/tripleo-heat-templates/commit/160936df134a471cfd245bd60964046027a571ea

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates/commit/160936df134a471cfd245bd60964046027a571ea

reference_url

https://github.com/openstack/tripleo-heat-templates/commit/2b9461e97fc5c4ceb0848d1cc4484f656bb85515

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openstack/tripleo-heat-templates/commit/2b9461e97fc5c4ceb0848d1cc4484f656bb85515

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-4180

reference_id

CVE-2021-4180

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-4180

reference_url

https://github.com/advisories/GHSA-hm3x-jwwf-jpr9

reference_id

GHSA-hm3x-jwwf-jpr9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hm3x-jwwf-jpr9

reference_url	https://access.redhat.com/errata/RHSA-2022:0995
reference_id	RHSA-2022:0995
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0995

reference_url	https://access.redhat.com/errata/RHSA-2022:8796
reference_id	RHSA-2022:8796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8796

fixed_packages

url	pkg:pypi/tripleo-heat-templates@11.6.1
purl	pkg:pypi/tripleo-heat-templates@11.6.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@11.6.1

url	pkg:pypi/tripleo-heat-templates@12.0.0
purl	pkg:pypi/tripleo-heat-templates@12.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@12.0.0

aliases CVE-2021-4180, GHSA-hm3x-jwwf-jpr9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xtn8-x2x9-4ya8

url VCID-zdf2-3ahs-7kge

vulnerability_id VCID-zdf2-3ahs-7kge

summary A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:2214
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2214

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10898.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10898.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10898

reference_id

reference_type

scores

value	0.00168
scoring_system	epss
scoring_elements	0.37744
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1600360
reference_id	1600360
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1600360

fixed_packages

url pkg:pypi/tripleo-heat-templates@8.0.3

purl pkg:pypi/tripleo-heat-templates@8.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xtn8-x2x9-4ya8

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@8.0.3

aliases CVE-2018-10898, PYSEC-2018-102

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdf2-3ahs-7kge

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tripleo-heat-templates@0.7.0

Package Instance