Vulnerabilities > Openstack > Heat > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-02 CVE-2024-7319 An incomplete fix for CVE-2023-1625 was found in openstack-heat.
network
low complexity
openstack redhat
5.0
2023-09-24 CVE-2023-1625 An information leak was discovered in OpenStack heat.
network
low complexity
openstack redhat
5.0
2018-07-27 CVE-2017-2621 An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable.
local
low complexity
redhat openstack
5.5
2016-11-04 CVE-2016-9185 Information Exposure vulnerability in Openstack Heat
In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration.
network
low complexity
openstack CWE-200
4.3