OpenStack Heat

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:openstack:heat:-:*:*:*:*:*:*:*

part: a version: - update: *

VendorOpenstack (7b0cf974-b2b5-592e-bdf4-6953805ef02a)
ProductHeat (00555065-7463-5f11-9f46-7e1232f20492)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/openstackhelm/heat purl2cpe 2026-06-01 10:17:03.682948
pkg:github/openstack/heat purl2cpe 2026-06-01 10:17:03.682949
pkg:npm/openstack-heat-wrapper purl2cpe 2026-06-01 10:17:03.682950
pkg:pypi/openstack-heat purl2cpe 2026-06-01 10:17:03.682952
pkg:rpm/opensuse/openstack-heat purl2cpe 2026-06-01 10:17:03.682953

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-7319 vulnerable 2026-06-03 14:58:05.588491 Openstack-heat: incomplete fix for cve-2023-1625
MEDIUM (5)
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied.
Published: 2024-08-02T20:36:24.314Z
Updated: 2025-11-20T20:56:47.430Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1625 vulnerable 2026-06-03 14:48:55.994561 Information leak in api
HIGH (7.4)
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
Published: 2023-09-24T00:08:12.738Z
Updated: 2024-09-24T14:59:25.505Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.