OpenStack Heat
By the Year
In 2024 there have been 0 vulnerabilities in OpenStack Heat . Last year Heat had 1 security vulnerability published. Right now, Heat is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 5.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 5.50 |
It may take a day or so for new Heat vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent OpenStack Heat Security Vulnerabilities
An information leak was discovered in OpenStack heat
CVE-2023-1625
5 - Medium
- September 24, 2023
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0
CVE-2017-2621
5.5 - Medium
- July 27, 2018
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
Files or Directories Accessible to External Parties
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Openstack or by OpenStack? Click the Watch button to subscribe.
