Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

11 – 15 of 15 results

CVE-2015-5303

Medium priority
Vulnerable

The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of...

1 affected packages

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not in release Not in release Not in release Not affected Vulnerable
Show less packages

CVE-2015-5295

Low priority
Ignored

The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the...

1 affected packages

heat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heat Not affected Not affected
Show less packages

CVE-2014-3801

Medium priority

Some fixes available 1 of 2

OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list.

1 affected packages

heat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heat
Show less packages

CVE-2013-6428

Medium priority
Ignored

The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path.

1 affected packages

heat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heat
Show less packages

CVE-2013-6426

Medium priority
Ignored

The cloudformation-compatible API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 does not properly enforce policy rules, which allows local in-instance users to bypass intended access...

1 affected packages

heat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heat
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. Next page
Export to JSON