Vulnerabilities > Openstack > Heat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-7319 | An incomplete fix for CVE-2023-1625 was found in openstack-heat. | 5.0 |
| 2023-09-24 | CVE-2023-1625 | An information leak was discovered in OpenStack heat. | 5.0 |
| 2018-07-27 | CVE-2017-2621 | Files or Directories Accessible to External Parties vulnerability in multiple products An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. | 5.5 |
| 2016-11-04 | CVE-2016-9185 | Information Exposure vulnerability in Openstack Heat In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. | 4.3 |