GCVE - cpe:2.3:a:openstack:heat:2013.2.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:openstack:heat:2013.2.1:*:*:*:*:*:*:*

part: a version: 2013.2.1 update: *

Vendor	Openstack (`7b0cf974-b2b5-592e-bdf4-6953805ef02a`)
Product	Heat (`00555065-7463-5f11-9f46-7e1232f20492`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/openstackhelm/heat`	purl2cpe	2026-06-01 10:17:03.682961
`pkg:github/openstack/heat`	purl2cpe	2026-06-01 10:17:03.682963
`pkg:npm/openstack-heat-wrapper`	purl2cpe	2026-06-01 10:17:03.682964
`pkg:pypi/openstack-heat`	purl2cpe	2026-06-01 10:17:03.682965
`pkg:rpm/opensuse/openstack-heat`	purl2cpe	2026-06-01 10:17:03.682967

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-3801`	vulnerable	2026-06-03 14:34:01.351829	Details available OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list. Published: 2014-05-23T14:00:00.000Z Updated: 2024-08-06T10:57:17.233Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/67505 http://www.ubuntu.com/usn/USN-2249-1 http://www.openwall.com/lists/oss-security/2014/05/20/1 http://www.openwall.com/lists/oss-security/2014/05/20/6 https://bugs.launchpad.net/heat/+bug/1311223	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.