tripleo-heat-templates@7.0.7 vulnerabilities
Heat templates for deploying OpenStack with OpenStack.
-
latest version
18.0.0
-
first published
10 years ago
-
latest version published
2 years ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the tripleo-heat-templates package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Insecure Defaults due to easily guessable credentials. How to fix Insecure Defaults? A fix was pushed into the |
[0,)
|
Affected versions of this package are vulnerable to Information Exposure by disclosing plain passwords in How to fix Information Exposure? There is no fixed version for |
[0,)
|
Affected versions of this package are vulnerable to Information Exposure by allowing an external user to discover the internal IP or hostname. An attacker could exploit this by checking the How to fix Information Exposure? Upgrade |
[0,16.0.0)
|
tripleo-heat-templates is a heat templates for deploying OpenStack. Affected versions of this package are vulnerable to Information Exposure. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. How to fix Information Exposure? Upgrade |
[,8.0.0.0b2)
|
tripleo-heat-templates is a heat templates to deploy OpenStack using OpenStack. Affected versions of this package are vulnerable to Privileges Escalation. When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). How to fix Privileges Escalation? Upgrade |
[,8.0.0.0b2)
|